info
discussion
exploit
solution
references
PHPOutsourcing Zorum RollID SQL Injection Vulnerability
An exploit is not required.
The following example URI and script are available:
http://www.example.com/index.php?method=showhtmllist&list=topic&rollid=[SQL]
/data/vulnerabilities/exploits/16131.pl
Privacy Statement
Copyright 2010, SecurityFocus
