CVE-2014-125040

Name of the Vulnerable Software and Affected Versions stevejagodzinski DevNewsAggregator (affected versions not specified)

Description A critical issue was found in the function getByName of the file php/data access/RemoteHtmlContentDataAccess.php. The manipulation of the argument name leads to sql injection.

Recommendations Apply a patch to fix this issue. The patch is identified by the name b9de907e7a8c9ca9d75295da675e58c5bf06b172. As a temporary workaround, consider disabling the getByName function until a patch is available.