Description - SQL Injection Vulnerability in PHP Newsfeed

SQL Injection found in PHP Newsfeed script.

Exploit
Available
Solution
Not available - check vendor's website

SQL Injection.

Vulnerable scripts:
deltables.php
manualsubmit.php
delete.php
searchnews.php

Parameters name(deltables.php), select(manualsubmit.php), header(manualsubmit.php), url(manualsubmit.php), source(manualsubmit.php), time(manualsubmit.php), num(delete.php), tablename(searchnews.php) are not properly sanitized before being used in SQL query. This can be used to make any SQL query by injecting arbitrary SQL code.

Order Source Code Review

Prevent hacker attacks by source code audit of your site done by our team.The work will be done by experts in web security.

Advisories by vuln type