3 matches found
CVE-2001-0234
NewsDaemon before 0.21b allows remote attackers to execute arbitrary SQL queries and gain privileges via a malformed userusername parameter...
CVE-2001-0234
NewsDaemon is affected prior to version 0.21b, where a malformed user_username parameter allows remote attackers to execute arbitrary SQL queries and gain administrative privileges on the web site. The issue enables remote access to administer NewsDaemon through the web interface. Remediation: up...
CVE-2001-0234
NewsDaemon before 0.21b allows remote attackers to execute arbitrary SQL queries and gain privileges via a malformed userusername parameter...