info
discussion
exploit
solution
references
BirthSys Multiple SQL Injection Vulnerabilities
An exploit is not required.
The following proof of concept URI is available:
http://www.example.com/show.php3?month=99%20union%20select%201,2,3,4,5/*
Privacy Statement
Copyright 2010, SecurityFocus
