TOYUDesign SQL Injection Vulnerability

# Exploit Title: TOYUDesign SQL Injection Vulnerability
# Date: 03/02/2012 - 02.49
# Author: 3spi0n
# Software Website: www.toyudesign.com
# Tested On: BackTrack 5 - Win7 Ultimate
# Platform: Php
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>


[$] Vulnerable File:

[~] Changer

[$] Demo Sites:

[~] www.nusamandiriinstruments.com/products.php?id=38" [SQL Injection]

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>

# Dar bi Koridor Benimki, Kendimi Aradigim.

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>

# SpyDevilz.iN - Turkish Hacker Platform

# Contact: Twitter.Com/RigidusCO - Facebook.Com/3spi0ne

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>

- Mr.PaPaRoSSe And 3spi0n -

Bug Researcher Group - TURKEY

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>