eLMS Pro 'subscribe.php' SQL Injection and Cross Site Scripting Vulnerabilities

The following example URIs are available:

http://www.example.com/subscribe.php?course_id=[sqli]
http://www.example.com/subscribe.php?course_id=[XSS]


 

Privacy Statement
Copyright 2010, SecurityFocus