Chamilo LMS 1.9.8 Blind SQL Injection

Exploit Title: Chamilo LMS 1.9.8 Blind SQL Injection Date: 06-12-2014 Software Link: http://www.chamilo.org/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ Category: webapps 1. Description Database::escapestring function is used to...