PHPNews Auth.PHP SQL Injection Vulnerability

Vulnerability ID 1108941 Vulnerability type SQL injection
Published 2005-07-20 Updated 2005-10-20
CVE ID CVE-2005-2383
CNNVD-ID CNNVD-200507-260
Platform PHP CVSS score 7.5
|Vulnerability source
https://www.exploit-db.com/exploits/26016
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200507-260
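|Vulnerability details
PHPNews is a very powerful news publishing application. auth.php in PHPNews 1.2.5 contains an SQL injection vulnerability. A remote attacker can execute arbitrary SQL commands through the user parameter of an HTTP POST request.
|Exploit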
source: http://www.securityfocus.com/bid/14333/info

PHPNews is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.

This vulnerability could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks. 

Navigate to the user logon form.

Enter the following string into the Username field:

anything' or '1'='1'/*

followed by any characters in the Password field.
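
Why the username string above changes the query, and how bound parameters stop it, shown as an added example that is not PHPNews code or part of the original advisory. The `users` table, both function names and the SHA-256 password column are hypothetical, and an in-memory SQLite database stands in for the application's real backend.

```php
<?php
// Added example: hypothetical login checks, not PHPNews's actual auth.php.
// In-memory SQLite stands in for the application's database.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (username TEXT PRIMARY KEY, pw_hash TEXT NOT NULL)');
// Constructed sample account. Plain SHA-256 keeps the example short;
// production code should store password_hash() output instead.
$pdo->prepare('INSERT INTO users VALUES (?, ?)')
    ->execute(['admin', hash('sha256', 'constructed-sample-password')]);

// Vulnerable pattern: the POSTed "user" value is pasted into the SQL text,
// so a quote in it closes the string literal and the rest is parsed as SQL.
// The trailing /* then comments out the password condition.
function login_vulnerable(PDO $pdo, string $user, string $pass): bool
{
    $sql = "SELECT username FROM users WHERE username = '$user' "
         . "AND pw_hash = '" . hash('sha256', $pass) . "'";
    return $pdo->query($sql)->fetch() !== false;
}

// Hardened pattern: a placeholder keeps input out of the SQL text, so the
// same string is compared as a literal username and matches no row.
function login_hardened(PDO $pdo, string $user, string $pass): bool
{
    $stmt = $pdo->prepare('SELECT pw_hash FROM users WHERE username = ?');
    $stmt->execute([$user]);
    $stored = $stmt->fetchColumn();
    return $stored !== false && hash_equals($stored, hash('sha256', $pass));
}

$payload = "anything' or '1'='1'/*"; // username string quoted in the advisory
var_dump(login_vulnerable($pdo, $payload, 'x'));
var_dump(login_hardened($pdo, $payload, 'x'));
var_dump(login_hardened($pdo, 'admin', 'constructed-sample-password'));
var_dump(login_hardened($pdo, 'admin', 'wrong-password'));
```

The first call reports a successful login without a valid password; the hardened function accepts only the correct username and password pair.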
|References

Source: newsphp.sourceforge.net
Link: http://newsphp.sourceforge.net/changelog/changelog_1.30.txt
Source: BUGTRAQ
Name: 20050720 PHPNews SQL injection vulnerability
Link: http://marc.theaimsgroup.com/?l=bugtraq&m=112189453304389&w=2
Source: BID
Name: 14333
Link: http://www.securityfocus.com/bid/14333
Source: SECUNIA
Name: 16148
Link: http://secunia.com/advisories/16148