Description - Authentication Bypass in VEGO Links Builder
SQL Injection found in VEGO Links Builder script.
- Exploit
- Available
- Solution
- Not available - check VEGO website
Vulnerable script: login.php
Variable $username isn't properly sanitized before being used in a SQL query. This can be used to enter administrator area without password.
Condition: magic_quotes_gpc = off
Order Source Code Audit made by eVuln team
You may order source code audit of your website done by Aliaksandr Hartsuyeu.The task will be done by experts in web application security.