Static code injection vulnerability in users.php in MySimpleNews allows remote attackers to inject arbitrary PHP code and HTML via the (1) LOGIN, (2) DATA, and (3) MESS parameters, which are inserted into news.php3.
MySimpleNews allows users to enter news articles through a web interface. PHP code can be injected through URI parameters of the 'users.php' script, and it is then stored in a MySimpleNews file (news.php3). The attacker may then execute the injected code by requesting the 'news.php3' script.
PHP code injected in this manner can be executed with the following request:
MySimpleNews contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the 'users.php' script not properly sanitizing user input supplied to the 'LOGIN', 'DATA', and 'MESS' parameters. This may allow an attacker to include arbitrary code that contains commands which will be executed by the vulnerable script with the same privileges as the web server.
Currently, there are no known upgrades, patches or workarounds available to correct this vulnerability.
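With no fix available, one defensive option is to watch web server access logs for requests that place PHP or HTML markup in the affected parameters. The Python script below is an added example, not part of the advisory or of MySimpleNews; the combined access-log format, the sample log lines and the function names are assumptions constructed for illustration, and it only sees parameters that appear in the logged URI.

```python
import re
from urllib.parse import urlsplit, parse_qs

SCRIPT = "users.php"                  # script named in the advisory
PARAMS = ("LOGIN", "DATA", "MESS")    # parameters named in the advisory

# Assumption: combined-format access log; only client and request line are used.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
HTML_TAG_RE = re.compile(r"<\s*/?\s*[a-zA-Z][^>]*>")


def classify(value):
    """Return 'php', 'html' or None for one URL-decoded parameter value."""
    if "<?" in value:                 # PHP open tag, long or short form
        return "php"
    if HTML_TAG_RE.search(value):     # any other complete HTML-style tag
        return "html"
    return None


def scan(lines):
    """Return (client, parameter, kind) for each suspicious users.php request."""
    findings = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target = m.groups()
        parts = urlsplit(target)
        if parts.path.rsplit("/", 1)[-1].lower() != SCRIPT:
            continue                  # some other script: out of scope here
        query = parse_qs(parts.query, keep_blank_values=True)
        for name in PARAMS:
            for value in query.get(name, []):
                kind = classify(value)
                if kind:
                    findings.append((client, name, kind))
    return findings


# Constructed sample log lines (documentation address ranges, made-up paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /news/users.php?LOGIN=alice&DATA=2024-01-01&MESS=Maintenance+tonight HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2024:10:05:00 +0000] "GET /news/users.php?LOGIN=bob&DATA=x&MESS=%3C%3Fphp+echo+1%3B+%3F%3E HTTP/1.1" 200 498',
    '192.0.2.10 - - [01/Jan/2024:10:06:00 +0000] "GET /index.php?MESS=%3C%3F HTTP/1.1" 200 120',
    '203.0.113.5 - - [01/Jan/2024:10:09:00 +0000] "GET /news/users.php?LOGIN=%3Cb%3Ecarol%3C%2Fb%3E&DATA=x&MESS=hi HTTP/1.1" 200 401',
]

if __name__ == "__main__":
    for client, name, kind in scan(SAMPLE_LOG):
        print(f"{client}: {kind} markup in {name}")
```

A hit on `users.php` is worth correlating with the current contents of `news.php3`, since the advisory states that the parameter values are stored there.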