SQL injection vulnerability in news.php in Advanced Webhost Billing System (AWBS) 2.3.3 up to and including 2.7.1, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the viewnews parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
awbs advanced webhost billing system 2.7 |
||
awbs advanced webhost billing system 2.7.1 |
||
awbs advanced webhost billing system 2.3.3 |
||
awbs advanced webhost billing system 2.5 |
||
awbs advanced webhost billing system 2.6.3 |