CVE-2008-5767
CVE-2008-5767 describes an SQL injection in the authors.asp page of the gNews Publisher, exploitable via the authorID parameter. The underlying issue is improper input handling allowing remote attackers to manipulate SQL queries. The NVD records a CVSSv2 base score of 7.5 (HIGH) with network atta...