Full title: XRMS - Blind SQL Injection and Command Execution Exploit 
Category: web applications
Platform: php
XRMS blind SQL injection exploit that leverages $_SESSION poisoning and achieves remote command execution.

# 0day.today @ http://0day.today/