CMS Int24 SQL Injection

2014-04-14T00:00:00
ID PACKETSTORM:126146
Type packetstorm
Reporter Renzi
Modified 2014-04-14T00:00:00

Description

                                        
                                            `# SQL Injection on CMS int24  
# Risk: High  
# CWE number: CWE-89  
# Date: 14/04/2014  
# Vendor: www.int24.com.pl  
# Author: Felipe " Renzi " Gabriel  
# Contact: renzi@linuxmail.org  
# Tested on Windows 8 pro  
# Vulnerable File: galeria.php  
# Exploit: http://host/galeria.php?cid=[SQLI]  
  
  
  
  
  
`