SQL injection vulnerability in news_detail.asp in ASP NEWS 3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
asp news asp news