SQL injection vulnerability in snews.php in sNews 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category parameters to index.php.
CVSS Score
7.5
EPSS Score
0.004
Published
2005-11-27