PHP.news.php.NEWSID.Parameter.SQL.Injection
Description
This indicates a SQL injection vulnerability in FlexPHPNews 0.0.5. This issue is due to input validation errors in the "news.php" script when processing the "newsid" parameter. It allows remote attackers to execute arbitrary SQL commands.
Affected Products
FlexPHPNews 0.0.5
Impact
SQL Injection.
Recommended Actions
Currently we are not aware of any official supplied fix for issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |