|
eXtrovert software Thyme 'pick_users.php' SQL Injection Vulnerability
Attackers can use a browser to exploit this issue. The following proof of concept is available: Submit the following to the input field at /thyme/modules/groups/pick_users.php: ' union all select proof,of,concept from mysql.db/* |
|
|
Privacy Statement |
