SQL injection vulnerability in index.php in sNews 1.7 allows remote malicious users to execute arbitrary SQL commands via the category parameter.
solucija snews 1.7