Alcassoft's SOPHIA CMS - SQL Injection

EDB-ID:

16225

CVE:



Author:

p0pc0rn

Type:

webapps


Platform:

CFM

Date:

2011-02-24


Title    : Alcassoft's SOPHIA CMS Vulnerable to SQL Injection
Found by: p0pc0rn 24/02/2011
Web        : http://www.alcassoft.com/site/
Dork    : intext:"Powered by Alcassoft SOPHIA"

SQL
---

http://site.com/path/dsp_page.cfm?pageid=[SQL]