[+] Sql Injection on CIS Manager CMS [+] Date: 01/04/2014 [+] Risk: High [+] Author: Felipe Andrian Peixoto [+] Vendor Homepage: http://www.construtiva.com.br/ [+] Contact: felipe_andrian@hotmail.com [+] Tested on: Windows 7 and Linux [+] Vulnerable File: default.asp [+} Dork : intext:"Powered by CIS Manager" [+] Exploit : http://host/site/default.asp?TroncoID=[SQL Injection]