info
discussion
exploit
solution
references
VirtuaStore Password Parameter SQL Injection Vulnerability
These issues can be exploited through a web client.
The following entered in the password field is sufficient to exploit this issue:
123456 / ' or 1=1
Privacy Statement
Copyright 2010, SecurityFocus
