CVE-2008-2823
Affected software: PHPeasyblog (formerly phpeasynews) 1.13 RC2 and earlier. Vulnerability: SQL injection in newsarchive.php via the post parameter, enabling remote execution of arbitrary SQL. Root cause: unsafely incorporating user input into SQL. Impact: remote attacker can run arbitrary SQL com...