Description - Authentication Bypass Vulnerability in DSLogin
SQL Injection found in DSLogin script.
- Exploit
- Available
- Solution
- Not available - check vendor's website
Vulnerable scripts:
index.php
admin/index.php
Variable $log_userid isn't properly sanitized before being used in SQL query. This can be used to bypass authentication using SQL injection and make any SQL query by injecting arbitrary SQL code.
Condition: magic_quotes_gpc = off
Order Source Code Analysis made by eVuln team
Protect against attacks by source code analysis of your site done by eVuln team.The task will be done by specialists in website security.