• info
• discussion
• exploit
• solution
• references

Scriptme SmE File Mailer Login SQL Injection Vulnerability

Attackers can exploit this issue via a web client.

The following input to the login form is sufficient to exploit this issue:

Login: admin
Password: anything' OR 'x'='x