vendor:
Article Manager Pro
by:
ZoRLu
7.5
CVSS
HIGH
Authentication Bypass
287
CWE
Product Name: Article Manager Pro
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
AlstraSoft Article Manager Pro auth bypass
An authentication bypass vulnerability exists in AlstraSoft Article Manager Pro. An attacker can exploit this vulnerability to bypass authentication and gain access to the application. The attacker can send a specially crafted HTTP request to the vulnerable application to bypass authentication. The attacker can use the username ' or ' 1=1-- and password ZoRLu to gain access to the application.
Mitigation:
Upgrade to the latest version of AlstraSoft Article Manager Pro.