Description - SQL Injection Vulnerability in newsletter
SQL Injection found in newsletter script.
- Exploit
- Available
- Solution
- Not available - check vendor's website
Vulnerable script: newsletter.php
Parameter newsletteremail is not properly sanitized before being used in SQL query. This can be used to evaluate arbitrary SQL expression.
Condition: magic_quotes_gpc = off
Order Source Code Audit made by eVuln
Check a website or web application by source code review of your website made by our team.The work will be done by specialists in web application security.