PHP TopSites 2.0/2.2 - 'edit.php' SQL Injection

Author: Cyberarmy Application
type: webapps
platform: php
port: 
date_added: 2003-01-15  
date_updated: 2012-10-23  
verified: 1  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 22177.txt  

source: https://www.securityfocus.com/bid/6625/info

A vulnerability has been discovered in PHP TopSites. Due to insufficient sanitization of user-supplied URI parameters it is possible for an attacker to embed SQL commands into certain page requests. This may result in another users private information being disclose to an attacker.

http://examplewebsite.com/topsitesdirectory/edit.php?a=pre&submit=&sid=siteidnumber--