2 matches found
CVE-2008-1650
SQL injection vulnerability in dynamicpages/index.php in EasyNews 4.0 allows remote attackers to execute arbitrary SQL commands via the read parameter in an edpHelpInternalNews action...
CVE-2008-1650
CVE-2008-1650 describes an SQL injection in EasyNews 4.0. The vulnerability exists in dynamicpages/index.php where the read parameter in the edp_Help_Internal_News action can be manipulated to execute arbitrary SQL commands. The exploitation is described as a remote, network-based vector with no ...