PhpGedView Timeline.PHP SQL Injection Vulnerability

No exploit is required, the following proof of concept is available:

http://www.example.com/phpgedview/timeline.php?pids=[Evil_Query]


 

Privacy Statement
Copyright 2010, SecurityFocus