DMANews Multiple SQL Injection Vulnerabilities

DMANews Multiple SQL Injection Vulnerabilities

The following examples were provided:

http://www.example.com/index.php?action=comments&id=[sq]
http://www.example.com/index.php?action=news_list&display_num=[sql]
http://www.example.com/index.php?action=news_list&sortorder=[sql]