[VIM] PsNews v1.3 SQL Injection Vulnerability

George A. Theall theall at tenablesecurity.com
Tue Jul 6 20:31:34 CDT 2010

Exploit DB 14251 / Bugtraq 41410 concerns SQL injection  
vulnerabilities in something called PsNews. Both list the  
'ndetail.php' and 'print.php' scripts as affected and point to a  
SourceForge project page. Yet if you go to that project page, you see  
it's an ASP app (eg, "ASP based Content Management System"). And if  
you download version 1.3, which is supposed to be affected, you see  
neither script is included. Not even if you ignore the discrepancy in  
the file type.

So, is it a different app that's affected? Or just a bogus report?

theall at tenablesecurity.com

More information about the VIM mailing list