# SQL Injection on Wapoweb # Risk: High # CWE number: CWE-89 # Date: 19/04/2014 # Vendor: www.wapoweb.net # Author: Felipe " Renzi " Gabriel # Contact: renzi@linuxmail.org # Tested on Windows 8 pro # Vulnerable File: prodotti.php # Exploit: http://www.site.com/prodotti.php?c=[SQLI]