|
Description
|
|
A vulnerability has been reported in MH Products Kleinanzeigenmarkt , which can be exploited by malicious people to conduct SQL injection attacks.
Input passed via the "c" parameter to search.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
NOTE: This can further be exploited to conduct cross-site scripting attacks via SQL error messages.
|
