CVE-2008-2903
The CVE-2008-2903 entry concerns a SQL injection in Advanced Webhost Billing System (AWBS) versions 2.3.3 through 2.7.1. The vulnerable component is news.php, exploitable via the viewnews parameter when magic_quotes_gpc is disabled. The effect is arbitrary SQL execution by a remote attacker, with...