CVE-2005-2896
CVE-2005-2896 describes an SQL injection vulnerability affecting WEB//NEWS 1.4. The vulnerability arises from unsafely handling user-controlled input in multiple parameters: wn_userpw in startup.php, and cat, id, or stof in news.php, as well as id in print.php. Successful exploitation could allow...