GhostScripter Amazon Shop Search.PHP SQL Injection Vulnerability

GhostScripter Amazon Shop Search.PHP SQL Injection Vulnerability

No exploit is required.

The following example URI has been provided:

http://www.example.com/search.php?query=%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E&mode=all&imageField.x=21&imageField.y=4