SQL Injection Vulnerability in PHPNews 1.2.5: Remote Code Execution via auth.php

SQL Injection Vulnerability in PHPNews 1.2.5: Remote Code Execution via auth.php

CVE-2005-2383 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL injection vulnerability in auth.php in PHPNews 1.2.5 allows remote attackers to execute arbitrary SQL commands via the user parameter in an HTTP POST request.

Learn more about our User Device Pen Test.