header-logo
Suggest Exploit
vendor:
I-Net MLM
by:
Sid3^effects aKa HaRi
7,5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: I-Net MLM
Affected Version From: No Version Specified
Affected Version To: No Version Specified
Patch Exists: No
Related CWE: No CVE Specified
CPE: No CPE Specified
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: No Platforms Specified
No Year Specified

I-Net MLM Auth Bypass Vulnerability

The I-net MLM script has auth bypass vulnerability by using ' or 1=1 or ''=' in both username and password the attacker can get the access.

Mitigation:

Ensure that user input is properly sanitized and validated before being used in SQL queries.
Source

Exploit-DB raw data:

1               ##########################################             1
0               I'm Sid3^effects member from Inj3ct0r Team             1
1               ##########################################             0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
Vendor Url : http://www.i-netsolution.com/
Google Dork: inurl:/jobsearchengine/
Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_
greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz 
#######################################################################################################

Description:
  	I-Net MLM is Complete, Automated Software for MLM Business ( Direct Marketing Software ) Our most comprehensive MLM software, "I-Net MLM" provides the functionality needed to tackle even the most challenging MLM issues.This Customized MLM Software plays vital role in the success of MLM Organization. It proves to be an important parameter for building confidence of company's new associates on the management

#######################################################################################################

Xploit: SQLi VUlnerability


The I-net MLM script has auth bypass vuln 
by using ' or 1=1 or ''=' in both username and password the attacker can get the access 


###############################################################################################################
# 0day no more 
# Sid3^effects

Navigation

Suggest Exploit

Services By CQR