CVE-2007-2520
CVE-2007-2520 affects MyNews 0.10. SQL injection in admin.php via the authacc cookie when PHP magic_quotes_gpc is disabled. The vulnerability allows remote execution of arbitrary SQL commands and could lead to data exposure or modification; impact is described as partial confidentiality/integrity...