info
discussion
exploit
solution
references
Layton Technology HelpBox Multiple SQL Injection Vulnerabilities
No exploit is required. A proof-of-concept URI was provided:
http://www.example.com/laytonhelpdesk/editcommentenduser.asp?sys_comment_id=1'
Privacy Statement
Copyright 2010, SecurityFocus
