Simple Customer 1.2 (Auth Bypass) SQL Injection Vulnerability

2008-11-17 23:20:04

###############################################################################################
[-] Simple Customer 1.2 Remort (Auth bypass) SQL Injection Vulnerability
[-] Discovered By : d3b4g
[-] Greetz : All my freind
################################################################################################
Go to www.target.com[path]login.php

Use following information to bypass login.

Write any email Address as email address.It must to be in email format like [email protected]

For exapmple [email protected]

For password use ' or ' 1=1

Live demo [at] http://www.simplecustomer.com/demo/login.php
--------------------------------------------
--------------------------------------------

#

Fixes

No fixes

In order to submit a new fix you need to be registered.