Description - PHP Downloadcounter for Wallpapers SQL Injection
SQL Injection found in Skull-Splitter's PHP Downloadcounter for Wallpapers script.
- Exploit
- Available
- Solution
- Not available - check vendor's website
Vulnerable script: count.php
Parameters count_fieldname, url_fieldname, url are not properly sanitized before being used in SQL query. This can be used to make any SQL query by injecting arbitrary SQL code.
Order PHP Code Audit made by eVuln team
You may order source code audit of a site done by Aliaksandr Hartsuyeu.The work will be done by experts in website security.