DDSN CMS Admin Panel SQL Injection Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: DDSN CMS Admin Panel SQL Injection Vulnerability
From: khc@xxxxxxxxxxx
Date: 13 Jan 2006 12:22:55 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Web Site : http://www.ddsn.com and http://www.cm3cms.com

Description : 

DDSN is an expert provider of professional services surrounding the science of 
content management: Design, information architecture, deployment, and 
integration. 

In addition we offer our own content management software: Our flagship product 
is cm3 content manager.

cm3 provides powerful off-the-shelf web-based content management tools driven 
by a deep and extensible application development platform at a killer price.

cm3 is the perfect choice for both large and small organisations looking for a 
CMS that will grow with their business. 

SQL injection code : 

Username : 'or'
Password : 'or'

Contact : khc@xxxxxxxxxxx and irc.gigachat.net
Created by Botan

Prev by Date: TSL-2006-0001 - postgresql
Next by Date: [ISecAuditors Advisories] Arbitrary remote file creation in 123flashchat server
Previous by thread: TSL-2006-0001 - postgresql
Next by thread: [ISecAuditors Advisories] Arbitrary remote file creation in 123flashchat server
Index(es):
- Date
- Thread