Discovered by Sirdarckcat from <a href="http://elhacker.net">elhacker.net</a><br>------------------------------------------------------------------------------------<br><br>Autentificator v2.01 SQL Injection<br><a href="http://www.hotscripts.com/Detailed/15291.html">
http://www.hotscripts.com/Detailed/15291.html</a><br><br>------------------------------------------------------------------------------------<br><br>Autentificator is a simple PHP based program for<br>helping administrators to controll access to certain
<br>pages.<br><br>It suffers of a SQL Injection vulnerability.<br><br>------------------------------------------------------------------------------------<br><br>PoC:<br><br><a href="http://autentificator/aut_verifica.inc.php">
http://autentificator/aut_verifica.inc.php</a><br><span style="white-space: pre;">        </span>POST DATA:<br><span style="white-space: pre;">        </span><span style="white-space: pre;">        </span>user='+[SQL]&amp;pass=something<br><br>
------------------------------------------------------------------------------------<br><br>Att.<br>Sirdarckcat<br><a href="http://elhacker.net">elhacker.net</a><br clear="all"><br>-- <br>Att.<br><a href="mailto:SirDarckCat@GMail.com">
SirDarckCat@GMail.com</a><br><br><a href="http://www.google.com/search?q=sirdarckcat">http://www.google.com/search?q=sirdarckcat</a>