SQL Injection Vulnerability in sNews 1.3 and Earlier: Remote Code Execution via snews.php

SQL Injection Vulnerability in sNews 1.3 and Earlier: Remote Code Execution via snews.php

CVE-2005-3853 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL injection vulnerability in snews.php in sNews 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category parameters to index.php.

Learn more about our Web Application Penetration Testing UK.