Multiple SQL injection vulnerabilities in News Manager 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) lang parameter to (a) advsearch.php, (b) archive.php, and © index.php, and the (2) pid parameter to (d) list_tagitems.php.
CPE | Name | Operator | Version |
---|---|---|---|
news_manager | eq | 2.0 |