Surat Diamond Blind SQL Injection

Blind sql injection found at URL: http://www.suratdiamond.com/prodcriteria.aspx Entity: matid Security Risk: It is possible to view, modify or delete database entries and tables Below are the tables found on the database admin uid username userpass 1 admin removed brochureimage Carat CartMaster...