info
discussion
exploit
solution
references
ScozNet ScozBook AdminName Variable SQL Injection Vulnerability
The following example was provided:
http://www.example.com/auth.php
username: a' or 'a'='a'/*
password: anypassword
Privacy Statement
Copyright 2010, SecurityFocus
