CMS Morpheus SQL Injection

Posted on 22 April 2014

# SQL Injection on CMS Morpheus # Risk: High # CWE number: CWE-89 # Date: 19/04/2014 # Vendor: www.pixel-dusche.de # Author: Felipe " Renzi " Gabriel # Contact: renzi@linuxmail.org # Tested on Windows 8 pro # Vulnerable File: index.php # Exploit: http://www.site.com/index.php?cid=[SQLI]