iWebNegar is reported prone to multiple SQL injection vulnerabilities, these issues exist due to a lack of sufficient boundary checks performed on user-supplied URI parameter data.
These issues could theoretically be exploited to compromise the software by performing unauthorized actions on the database, such as modifying or viewing data. SQL injection attacks may also be used to exploit latent vulnerabilities in the underlying database. This may depend on the nature of the query being manipulated as well as the capabilities of the database implementation.
http://www.example.com/weblog/index.php?string=[sql injection code]