Intrusion Prevention



It indicates an attempt of an SQL Injection attack against News Manager Lite. News Manager Lite is a news management program for web sites. It runs on Microsoft Windows platforms and it is built in ASP. Multiple SQL injection vulnerabilities in News Manager Lite 2.5 allow remote attackers to execute arbitrary SQL code. These vulnerabilities exist in the ID parameters to more.asp and category_news.asp and the filter parameter to news_sort.asp.

Affected Products News Manager Lite 2.5


Security Bypass Cross Site Scripting and Manipulation of data

Recommended Actions

Upgrade to News Manager Lite 2.6 or later.

CVE References