Multiple SQL injection vulnerabilities in Develop It Easy News And Article System 1.4 allow remote attackers to execute arbitrary SQL commands via (1) the aid parameter to article_details.php, and the (2) username and (3) password to the admin panel (admin/index.php).
CPE | Name | Operator | Version |
---|---|---|---|
news_and_article_system | eq | 1.4 |