CVE-2007-5458
CVE-2007-5458 describes an SQL injection in index.php of the KwsPHP newsletter module 1.0. The vulnerability occurs when magic_quotes_gpc is disabled, allowing remote attackers to inject arbitrary SQL via the newsletter parameter. This is supported by multiple connected records (NVD/NVD listing, ...