Comnexx Content Management System SQL Injection ========================================================= # Exploit Title : Comnexx CMS SQL Injection # Date : 17 July 2011 # Author : Netrondoank aka netron # Platform/Tested on: Linux # myweb : http://www.ilmuhacker.org # Version : none # Software Link: : http://www.comnexx.com/ # dork : "Powered By COMNEXX" ====================================================================== # vuln here http://site/path/productdetail.php?id=&pid=104&langid=[sqli] Login Admin http://site/admin/ Spesial thanks to all friend @ site : IndonesianSecurity.info + palembang Hackerlink + Blitar hackerlink + hacker newbie + Kimmmonosz + Budi anja (biohazzard ) + Klicak + jos ali joe + Pokeng + Crashblack + nesta + andy_william