Security Weakness on Jakarta.go.id v22

Play online games at GameDuell.
New Training Titles for Audio Software, Hardware & Technical Skills.
Shockwave has the game Risk! Buy it now!
Join LinkShare Today!
SYNC Outlook and Files on all your Computers
Vulnerable are in this parameter :

http://www.jakarta.go.id/v22/berita/index.php?jns=1&id_berita=[BlindSQLi]

http://www.jakarta.go.id/v22/suratwarga/index.php?jns=1&id_suratwarga=[BlindSQLi]

All Possible database name in Mysql is :

[0]: PJU_DKI
[1]: angkasa
[2]: babe2
[3]: babe3
[4]: db06_tije
[5]: db06_tije_forum
[6]: db_birohukum_perpus
[7]: db_birohukumdki
[8]: db_birum_dki
[9]: db_dekranasda
[10]: db_mpu2006
[11]: db_pusbinrohdki
[12]: db_sambutandki
[13]: db_simpju_acces
[14]: db_transjakarta
[15]: db_yankes-utara
[16]: db_yankesut
[17]: dbdki_badankepegawaian
[18]: dbdki_birokeuangan
[19]: dbdki_biroumum
[20]: dbdki_bksp06
[21]: dbdki_dekranasda
[22]: dbdki_dekranasda05
[23]: dbdki_dprd06
[24]: dbdki_infolelang
[25]: dbdki_jakartagoid << admin credential is in this database
[26]: dbdki_kpud
[27]: dbdki_ortala
[28]: dbdki_ortala06
[29]: dbdki_pusbinroh06
[30]: dbdkip_jakpus
[31]: dbdpp
[32]: dbh_kpti
[33]: dbh_kuh2006
[34]: dbh_kuh2007
[35]: dinasperumahan_db
[36]: dki_rokeu
[37]: dprd
[38]: evaluasirtrw_db
[39]: fool
[40]: giskpap
[41]: hackbyme
[42]: inventoryys
[43]: jakartartrw_db
[44]: jakut
[45]: jakut_temp
[46]: jic
[47]: kpap_db
[48]: kukm_data
[49]: luke
[50]: museum
[51]: mysql
[52]: opsional_db
[53]: petadki
[54]: piidb
[55]: pip_data
[56]: pkk
[57]: pkk0
[58]: pkk1
[59]: sdtkjb_db
[60]: tatakota
[61]: tatakota_db
[62]: tes
[63]: yankesut
[64]: yankesut-old

Anyone who see this post to please notify the admin

Greetz to Arthemist :), nyubicrew and all of Indonesian Hacker