2001-05-07 04:00:00
mitre
PUBLISHED
NewsDaemon before 0.21b allows remote attackers to execute arbitrary SQL queries and gain privileges via a malformed user_username parameter.