SQL injection vulnerability in WEB//NEWS 1.4 allows remote malicious users to execute arbitrary SQL commands via the (1) wn_userpw parameter to startup.php, (2) cat, (3) id, or (4) stof parameter to news.php, or (5) id parameter to print.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
stylemotion web news 1.4 |