SQL Injection Vulnerability in phpWebSite Announce and Notes Modules

SQL Injection Vulnerability in phpWebSite Announce and Notes Modules

CVE-2004-2322 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL injection vulnerability in the (1) announce and (2) notes modules of phpWebSite before 0.9.3-2 allows remote attackers to execute arbitrary SQL queries, as demonstrated using the ANN_id parameter to the announce module.

Learn more about our Web App Pen Testing.