ARASTAR SQL Injection

`+#######+  
|[o] ID |  
+#######+  
[+] Title : ARASTAR SQL Injection Vulnerability  
[+] Affected Version : ALL VERSIONS  
[+] Software Link : http://ara-star.com/art.php?ID=172  
[+] Tested on : Windows XP SP2 <CHROME + FIREFOX>  
[+] Date : 18/11/2011  
[+] Dork : inurl:'.co.il/Cat.php?ID=' intext:"POWERED BY ARASTAR"  
[+] Category : Content Management  
[+] Severity : High  
[+] Author : TH3_N3RD  
[+] Follow on FB : https://www.facebook.com/TH3xN3RD  
  
+############+  
|[o] EXPLOIT |  
+############+  
[+] http://[website]/cat.php?ID=[SQLi]  
[+] ADMINISTRATION PATH : http://[website]/admin-aps  
+#########+  
|[o] PoC |  
+#########+  
[+] It Depends On The Column Count Of The Script Version /.-  
  
+------------+  
|[o] Greet'z |  
+------------+  
[+] To : #MY MIND# [&] VERGEIRAS [&] ALL THE MOROCCAN HAX0R'z  
@`d0n3\-  
  
`