2006-03-19 02:00:00
mitre
PUBLISHED
SQL injection vulnerability in index.php in OxyNews allows remote attackers to execute arbitrary SQL commands via the oxynews_comment_id parameter.