X-Changer Multiple SQL Injection Vulnerabilities

info
discussion
exploit
solution
references

X-Changer Multiple SQL Injection Vulnerabilities

These issues can be exploited through a web client.

Example URIs have been provided:

http://www.example.com/index.php?from=[sql]&into=[sql]&value=1&action=calculate
http://www.example.com/index.php?action=edit&id=[sql]