CVE-2009-3531

SQL injection vulnerability in vnews.php in Universe CMS 1.0.6 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Date published : 2009-10-02

http://www.exploit-db.com/exploits/9099

http://packetstormsecurity.org/0907-exploits/universecms-sql.txt