CVE-2013-3524
The CVE-2013-3524 entry describes a SQL injection vulnerability in the Pop Up News module (popupnewsitem/) of phpVMS, affecting version 2.0 and possibly earlier. The issue allows remote attackers to modify and retrieve data by injecting SQL through the itemid parameter. CVSS data from NVD indicat...