SQL injection vulnerability in popupnewsitem/ in the Pop Up News module 2.0 and possibly earlier for phpVMS allows remote malicious users to execute arbitrary SQL commands via the itemid parameter. NOTE: this was originally reported as a problem in phpVMS.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
simpilotgroup pop up news 2.0 |