# SQL Injection on CMS int24
# Risk: High
# CWE number: CWE-89
# Date: 14/04/2014
# Vendor: www.int24.com.pl
# Author: Felipe " Renzi " Gabriel
# Contact: renzi@linuxmail.org
# Tested on Windows 8 pro
# Vulnerable File: galeria.php
# Exploit: http://host/galeria.php?cid=[SQLI]