CVE-2009-3505
The CVE-2009-3505 entry documents a SQL injection vulnerability in view_news.php of the Vastal I-Tech MMORPG Zone, exploitable via the news_id parameter. The underlying issue is improper handling of user-supplied input in a SQL query, enabling remote attackers to execute arbitrary SQL commands. T...