Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SQL injection vulnerability in articles.asp in Expinion.net iNews (1) Publisher (iNP) 2.5 and earlier, and possibly (2) News Manager, allows remote attackers to execute arbitrary SQL commands via the ex parameter. NOTE: early reports of this issue reported it as XSS, but this was erroneous. The original report was for News Manager, but there is strong evidence that the correct product is Publisher.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Expinion.net iNews Publisher ‘Articles.ASP’SQL注入漏洞
Vulnerability Description
Expinion.net iNews (1) Publisher (iNP)(2)News Manager中的articles.asp存在SQL注入漏洞,远程攻击者可通过ex参数来执行任意SQL命令。注意:早期报告此问题为XSS,但这是不对。初始报告是针对News Manager,但是有明显证明正确的产品是Publisher。
CVSS Information
N/A
Vulnerability Type
N/A