Dede CMS - SQL Injection

Author: CWH & Nafsh
type: webapps
platform: php
port: 
date_added: 2011-12-30 
date_updated: 2011-12-30 
verified: 1 
codes: OSVDB-82508;OSVDB-82507;OSVDB-82506;CVE-2011-5200 
tags: 
aliases:  
screenshot_url:  
application_url: 

# Dede Cms All Versions Sql Vulnerability Exploit
# </ No Priv8 , Everything is Public >
# Date: 30/12/2011 - 13:00
# Author: [ CWH ] | Finded By : Nafsh
# We Are : Mr.M4st3r , Nafsh , Skote_Vahshat , HijaX
# Support: Cyberwh.org
# Mail: Nafsh@live.com
# Software Website: http://www.dedecms.com
# Security Risk: High
# Platform: Php

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

[$] Dorks:  inurl:"id" "DedeCMS Error Warning!"

[#] Vulnerable Files :

/list.php?id=[sql]
/members.php?id=[sql]
/book.php?id=[sql]

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
</ No Priv8 , Everything is Public >
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
#Cyberwh.org