VYPR
Unrated severityNVD Advisory· Published Apr 1, 2014· Updated Jun 17, 2026

CVE-2013-7349

CVE-2013-7349

Description

Multiple SQL injection vulnerabilities in Gnew 2013.1 allow remote attackers to execute arbitrary SQL commands via the (1) news_id parameter to news/send.php, (2) thread_id parameter to posts/edit.php, or (3) user_email parameter to users/password.php or (4) users/register.php. NOTE: these issues were SPLIT from CVE-2013-5640 due to differences in researchers and disclosure dates.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:raoul_proenca:gnew:2013.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:raoul_proenca:gnew:2013.1:*:*:*:*:*:*:*
    • (no CPE)range: = 2013.1

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.