Description - SQL Injection Vulnerability in Newsadmin
SQL Injection found in Newsadmin script.
- Exploit
- Available
- Solution
- Not available - check vendor's website
1. SQL Injection.
Vulnerable script: readarticle.php
Parameter nid is not properly sanitized before being used in SQL query. This can be used to make any SQL query by injecting arbitrary SQL code.
Order Source Code Audit made by eVuln team
Check your site by source code testing of your website or web application done by Aliaksandr Hartsuyeu.The work will be done by specialists in web security.