Exploit Title: Pre Classified Listing SQL Vulnerable Vendor url:http://www.sellatsite.com Version:1 Price:60 USD Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com] Published: 2010-06-14 Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue, S1ayer,d3c0d3r,KD and to all ICW members. Spl Greetz to:inj3ct0r.com Team ~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~ Description: Pre Classified Listing is a vibrant and varied classified listings script developed in ASP. Features a fully administratively controlled system where admin can control the Site Setup, users, Ads, categories, and more. Code: ASP 3.0 & VBScript ~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~ Vulnerability: *SQLi Vulnerability DEMO URL : http://server/[path]/admin/detail_ad.asp?siteid=[sqli] # 0day n0 m0re # # L0rd CrusAd3r # -- With R3gards, L0rd CrusAd3r