.___ .___ .__ _________ .___ | | ____ __| _/ ____ ____ ____ ______|__|_____ ____ \_ ___ \ ____ __| _/ ____ _______ | | / \ / __ | / _ \ / \ _/ __ \ / ___/| |\__ \ / \ / \ \/ / _ \ / __ | _/ __ \ \_ __ \ | || | \/ /_/ | ( <_> )| | \\ ___/ \___ \ | | / __ \_| | \\ \____( <_> )/ /_/ | \ ___/ | | \/ |___||___| /\____ | \____/ |___| / \___ >/____ >|__|(____ /|___| / \______ / \____/ \____ | \___ > |__| \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ [~]===========================================================================[~] [~]Title : Lava CMS Sql injection Vulnerability [~]Vendor : http://www.lava.com.ua/ [~]Author : tempe_mendoan [~]Contact : http://indonesiancoder.com/ [~]Google Dork : "Powered by Lava" [~]Google Dork : Jakarta , Indonesia ( Februari 2012 ) [~]===========================================================================[~] ################################################################################# ===[ Example Exploit ]=== [?] http://localhost/news_item.php?id=[SQL] ################################################################################## Greats T0 : ./ And All My Friend Note : ./ I Love You Dila :*