Description - Authentication Bypass in GuestBookHost
SQL Injection found in GuestBookHost script.
- Exploit
- Available
- Solution
- Not available - check vendor's website
Vulnerable script:
config.php
Variables $email $password are not properly sanitized before being used in a SQL query. This can be used to pass authentication without password.
Condition: magic_quotes_gpc - off
Order Source Code Review
Protect a site or web application by source code audit of your website or web application done by eVuln team.The order will be done by experts in web application security.