CVE-2005-2156

CVE-2005-2156

EPSS 1.1%

SQL injection vulnerability in news.php in PHPNews 1.2.5 allows remote attackers to execute arbitrary SQL commands via the prevnext parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://sourceforge.net/project/shownotes.php?group_id=66322&release_id=339317 http://www.securityfocus.com/bid/14133