|
Description
|
|
A vulnerability was identified in Silvernews, which may be exploited by remote attackers to execute arbitrary commands. This flaw is due to an input validation error in the "admin.asp" script that does not properly filter specially crafted "user" and "password" parameters, which may be exploited by remote users to conduct SQL injection attacks, gain unauthorized access to the administration interface, and execute arbitrary commands via specially crafted templates.
|
