# Exploit Title: MySQL Squid Access Report 2.1.4 Multiple Vulnerabilities
# Date: 14-13-2018
# Software Link: https://sourceforge.net/projects/mysar/
# Exploit Author: Keerati T.
# Version: 2.1.4
# Tested on: Linux
SQL injection and Cross site script vulnerabilities are found on ALL
parameter of MySAR.
2. Proof of Concept
- SQL injection
8-3-2018 - Report on their Github. (
-- 1 month later, no any response from vendor. --
14-4-2018 - Public.