CVE-2006-1271
SQL injection vulnerability in index.php in OxyNews allows remote attackers to execute arbitrary SQL commands via the oxynews_comment_id parameter.
Date published : 2006-03-18
http://www.securityfocus.com/bid/17132
http://www.securityfocus.com/archive/1/428057/100/0/threaded