SQL injection vulnerability in index.php in Plague News System 0.6 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Plague_news_system | Frozenplague.net | 0.6 | 0.6 |
Plague_news_system | Frozenplague.net | 0.4rc4 | 0.4rc4 |
Plague_news_system | Frozenplague.net | 0.4rc3 | 0.4rc3 |
Plague_news_system | Frozenplague.net | 0.4 | 0.4 |