Posted by ITAS TEAM on Feb 02

# Exploit Title: Sefrengo CMS v1.6.1 – Multiple SQL Injection
Vulnerabilities
# Vendor: http://www.sefrengo.org/
# Download link: http://forum.sefrengo.org/index.php?showtopic=3368 (
https://github.com/sefrengo-cms/sefrengo-1.x/tree/22c0d16bfd715631ed317cc990785ccede478f07
)
# CVE ID: CVE-2015-1428
# Vulnerability: SQL Injection
# Affected version: Sefrengo CMS v1.6.1
# Fixed version: Sefrengo CMS v1.6.2
#…