CVE-2004-1402 Information

Description

SQL injection vulnerability in iWebNegar allows remote attackers to execute arbitrary SQL commands via (1) the string parameter for index.php (2) comments.php or (3) the administrator login page.

Reference

http://marc.info/?l=bugtraq&m=110314454810163&w=2 http://www.securityfocus.com/bid/11946 https://exchange.xforce.ibmcloud.com/vulnerabilities/18505