vendor: Ragnarok Online Control Panel (ROCP)
by: SecurityFocus
CVSS: 7.5 (HIGH)
Authentication Bypass
CWE: 287
Product Name: Ragnarok Online Control Panel (ROCP)
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Apache Web server (unconfirmed)
2004

Ragnarok Online Control Panel (ROCP) Authentication Bypass Vulnerability

Ragnarok Online Control Panel (ROCP) is prone to a vulnerability that may let remote attackers bypass user authentication. This issue is related to how PHP variables are handled, letting an attacker influence a variable that is used to check user authentication. Exploitation could yield administrative access to the ROCP site.

Mitigation:

Ensure that all user input is validated and filtered before being used in authentication checks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/14429/info

This issue may be exclusive to sites hosting ROCP with Apache Web server. This has not been confirmed. 

http://www.example.com/CP/account_manage.php/login.php
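
For detection, the request shape above (a `.php` script followed by extra path segments) can be searched for in web server access logs. The following is an added example, not part of the advisory or of ROCP; it generalizes to any `.php` script with trailing path information, assumes Apache combined log format, and runs on constructed sample lines.

```python
import re
from urllib.parse import unquote, urlsplit

# Request and status fields of an Apache combined-format log line (assumed format).
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
# A .php script followed by further path segments (trailing path info).
PATHINFO_RE = re.compile(r"^(?P<script>/.*?\.php)(?P<extra>/.+)$", re.IGNORECASE)


def split_script_and_pathinfo(target):
    """Return (script, extra) when the path continues past a .php script, else None."""
    path = unquote(urlsplit(target).path)  # drop the query string, decode %xx
    match = PATHINFO_RE.match(path)
    return (match.group("script"), match.group("extra")) if match else None


def scan(lines):
    """Return one finding per logged request that carries trailing path info."""
    findings = []
    for number, line in enumerate(lines, 1):
        request = REQUEST_RE.search(line)
        hit = split_script_and_pathinfo(request.group("target")) if request else None
        if hit is None:
            continue
        script, extra = hit
        findings.append({
            "line": number,
            "script": script,
            "extra": extra,
            "status": int(request.group("status")),
            # Path info that itself names a script matches the advisory's request shape.
            "names_script": extra.lower().endswith(".php"),
        })
    return findings


# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /CP/login.php HTTP/1.1" 200 512',
    '192.0.2.77 - - [01/Jan/2024:10:00:05 +0000] "GET /CP/account_manage.php/login.php HTTP/1.1" 200 4096',
    '192.0.2.10 - - [01/Jan/2024:10:00:09 +0000] "GET /CP/account_manage.php HTTP/1.1" 302 0',
    '192.0.2.31 - - [01/Jan/2024:10:00:12 +0000] "GET /CP/index.php/news/12?x=1 HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Findings with `names_script` set and a 200 status on a page that normally redirects unauthenticated users deserve the closest review. Where the application does not rely on trailing path information, Apache's `AcceptPathInfo Off` directive makes such requests return 404.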