1WebCalendar 4.0 /news/newsView.cfm NewsID Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/17193/info 1WebCalendar is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A successful exploi...