[转载]ITA Forum SQL Injection注入漏洞

信息来源：www.securiteam.com

Summary
ITA Forum is "an online messaging system, all developed in PHP, using MySQL as the backend database".

Due to a vulnerability in the way ITA Forum handles incoming data a remote attacker can insert malicious SQL statements into existing ones. The following exploit code can be used to test your system for the mentioned vulnerability.

Credit:
The information has been provided by 1dt.w0lf.

Details
Exploit:
http://www.eviloctal.com/forum/read.php?tid=6913