SQL injection vulnerability in snews.php in sNews 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category parameters to index.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 62.4%