I-Net MLM Script Engine - SQL Injection

EDB-ID:

14080

CVE:

N/A




Platform:

PHP

Date:

2010-06-27


1               ##########################################             1
0               I'm Sid3^effects member from Inj3ct0r Team             1
1               ##########################################             0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
Vendor Url : http://www.i-netsolution.com/
Google Dork: inurl:/jobsearchengine/
Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_
greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz 
#######################################################################################################

Description:
  	I-Net MLM is Complete, Automated Software for MLM Business ( Direct Marketing Software ) Our most comprehensive MLM software, "I-Net MLM" provides the functionality needed to tackle even the most challenging MLM issues.This Customized MLM Software plays vital role in the success of MLM Organization. It proves to be an important parameter for building confidence of company's new associates on the management

#######################################################################################################

Xploit: SQLi VUlnerability


The I-net MLM script has auth bypass vuln 
by using ' or 1=1 or ''=' in both username and password the attacker can get the access 


###############################################################################################################
# 0day no more 
# Sid3^effects