[Description]: eNvolution is a fork of PostNuke. The entire core of the product is being replaced and improved, making it far more secure and stable, and able to work in high-volume environments with ease.

[vendor]: http://www.envolution.com

[Vulnerability]: SQL injection AND XSS

[sploit]

http://[host]/[envo]/modules.php?op=modload&name=News&file=index&catid=&topic=18&startrow=[sql] or [xss]

http://[host]/[envo]/modules.php?op=modload&name=News&file=index&catid=[sql] or [xss]


x1ng

X1ngBox |4t| gmail C0m