Description - SQL Injection Auth Bypass in Bit 5 Blog

SQL Injection found in Bit 5 Blog script.

Exploit
Available
Solution
Not available - check vendor's website

Vulnerable script: processlogin.php

Variables $_POST['username'] and $_POST['password'] are not properly sanitized before being used in a SQL query. This can be used to make any SQL query by injecting arbitrary SQL code and log in without password.

Order Source Code Audit made by eVuln team

Prevent hacker attacks by source code analysis of your site made by our team.The work will be done by experts in website security.

Advisories by vuln type