https://www.exploit-db.com/exploits/25934

漏洞细节尚未披露

source: http://www.securityfocus.com/bid/14136/info

Plague News System is prone to an SQL injection vulnerability. As a result, the attacker may modify the structure and logic of an SQL query that is made by the application.

Other attacks may be possible depending on the capabilities of the underlying database and the nature of the affected query. 

http://www.example.com/index.php?cid=[SQL Command]