This script exploits a SQL injection flaw in the login functionality for GoAutoDial version 3.3-1406088000 and below, and attempts to perform command injection. This also attempts to retrieve the admin user details, including the cleartext password stored in the underlying database. Command injection will be performed with root privileges. The d…
GoAutoDial-CE-33 - Authentication-Bypass-Command-Injection Exploit
This script exploits a SQL injection flaw in the login functionality for GoAutoDial version 33-1406088000 and below, and attempts to perform command injection This also attempts to retrieve the admin user details, including the cleartext password stored in the underlying database Command injection will be p