Intrusion Prevention

Stylemotion.WEBNEWS.SQL.Injection

Description

WEB//NEWS is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

Affected Products

Stylemotion WEB//NEWS 1.4

Impact

SQL injection.

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.

CVE References

CVE-2005-2896