This advisory describes a SQL injection vulnerability in Amelia CMS, where the 'page' parameter in index.php is not properly sanitized, allowing for Time-Based Blind SQL Injection attacks. The document provides details on the vulnerability, affected versions, and a proof-of-concept URL but does not include functional exploit code.
Classification
Writeup 90%
Target:
Amelia CMS (ALL versions)
No auth needed
Prerequisites:
Access to the target web application