Intitle Liveapplet Inurl Lvappl And 1 Guestbook Phprar Top File

http://oldsite.com/lvappl/guestbook.php?id=1

$id = $_GET['id']; $result = mysql_query("SELECT * FROM guestbook WHERE id = $id"); Because "1" appears in the page, attackers test ?id=1' UNION SELECT ... phprar might indicate a parameter like ?lang=phprar that includes remote files: intitle liveapplet inurl lvappl and 1 guestbook phprar top

“Old code is not legacy code – it’s vulnerable code until proven otherwise.” http://oldsite