OpenBB Member.PHP Remote SQL Injection Vulnerability

OpenBB Member.PHP Remote SQL Injection Vulnerability

The following proof of concept has been made available by Albert Puigsech Galicia <ripe@7a69ezine.org>:

http://www.example.com/member.php?action=profile&UID=1%20<something>

where <something> represents a SQL query.