Multiple SQL injection vulnerabilities in News Manager 2.0 allow remote malicious users to execute arbitrary SQL commands via the (1) lang parameter to (a) advsearch.php, (b) archive.php, and (c) index.php, and the (2) pid parameter to (d) list_tagitems.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
news manager news manager 2.0 |