SQL injection vulnerability in authors.asp in gNews Publisher allows remote malicious users to execute arbitrary SQL commands via the authorID parameter.
gazatem gnews publisher nil