2 matches found
CVE-2009-2735
SQL injection vulnerability in admin.php in sun-jester OpenNews 1.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter...
CVE-2009-2735
The CVE-2009-2735 entry describes an SQL injection in sun-jester OpenNews 1.0, via admin.php when magic_quotes_gpc is disabled. The vulnerability affects the username parameter, enabling remote attackers to execute arbitrary SQL commands. This is documented in NVD and mirrored in multiple referen...