CVE-2008-2903

2008-06-30T18:24:00
ID CVE-2008-2903
Type cve
Reporter cve@mitre.org
Modified 2017-09-29T01:31:00

Description

SQL injection vulnerability in news.php in Advanced Webhost Billing System (AWBS) 2.3.3 through 2.7.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the viewnews parameter.