Full title: Instant v2.0 SQL Injection Vulnerability 
Category: web applications
Platform: php
A SQL Injection Vulnerability has been discovered in the Instant v.2.0 CMS. The Vulnerability is located in the subid Value of the product_cat.php File. Attackers are able to execute own SQL commands by usage of a GET Method Request with manipulated subid Value. Attackers are able to read Database information by execution of own SQL commands.

# 0day.today @ http://0day.today/