Summary
viewheadline.php is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Impact
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Detection
Send a special crafted HTTP GET request and check the response
Severity
Classification
-
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Atutor AContent Multiple SQL Injection and XSS Vulnerabilities
- Andy's PHP Knowledgebase 's' Parameter SQL Injection Vulnerability
- Atutor AChecker Multiple SQL Injection and XSS Vulnerabilities
- A-Blog 'sources/search.php' SQL Injection Vulnerability
- Apple Safari RSS Feed Information Disclosure Vulnerability