CMS Int24 suffers from a remote SQL injection vulnerability.
d12be2741add1e1a5e5b7ab2f2cb8532476008dddec78fc15faa87b5ee7f608b
# SQL Injection on CMS int24
# Risk: High
# CWE number: CWE-89
# Date: 14/04/2014
# Vendor: www.int24.com.pl
# Author: Felipe " Renzi " Gabriel
# Contact: renzi@linuxmail.org
# Tested on Windows 8 pro
# Vulnerable File: galeria.php
# Exploit: http://host/galeria.php?cid=[SQLI]