Description

SQL injection vulnerability in readmore.php in PHP-Fusion 4.01 allows remote attackers to execute arbitrary SQL commands via the news_id parameter.

Remediation

References

CVE-2008-5946

Related Vulnerabilities

Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3094)

Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2014-3581)

Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1232)

WordPress Plugin Squeeze Arbitrary File Upload (1.4)

MongoDb Improper Encoding or Escaping of Output Vulnerability (CVE-2021-20333)

Severity

High

Classification

CVE-2008-5946 CWE-138

Tags

Missing Update Known Vulnerabilities