ad

Home of MCLogin System - Authentication Bypass



EDB-ID: 13766 CVE: 2010-5000 OSVDB-ID: 65255
Author: L0rd CrusAd3r Published: 2010-06-08 Verified: Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
Prev Home Next
Author: L0rd CrusAd3r
Published: 2010-06-08
Vendor url:-/www.maniacomputer.com
################################################################################################

Authentication Bypass in Home of MCLogin System
1,1
######################################Author:L0rd
CrusAd3r######################################

Description:-

With MCLogin System your visitors can login or register a new account. It is
written in PHP and the data is stored in a MySql database.Very easy to
install or to customize to meet your needs. You can add it to your pages
with just one link.

###################################################################################################

Vulnerability:-

*Authentication Bypass found

The Provided Script as Sqli Vulnerability in Admin Login page

DEMO : http://server/login/login_index.php

Use the string a' or '1'='1 for Username and Password to gain access.

######################################################################################################


Greetz to:MaYur,Sid3^effects

-- 
With R3gards,
L0rd ÇrusAdêr