2008-03-12 17:00:00
mitre
PUBLISHED
SQL injection vulnerability in archives.php in Gregory Kokanosky (aka Gregs Place) phpMyNewsletter 0.8 beta 5 and earlier allows remote attackers to execute arbitrary SQL commands via the msg_id parameter.