header-logo
Suggest Exploit
vendor:
OpenJournal
by:
SecurityFocus
7.5
CVSS
HIGH
Authentication Bypass
287
CWE
Product Name: OpenJournal
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

OpenJournal Authentication Bypass Vulnerability

It has been reported that OpenJournal is prone to an authentication bypass vulnerability. This issue is caused by the application failing to properly sanitize URI specified parameters. Successful exploitation of this issue may lead to remote attackers gaining unauthorized access to online journal files associated with the application, adding new users to the database as well as a number of other possibilities.

Mitigation:

Ensure that all user-supplied input is properly sanitized and validated before being used in the application.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9598/info

It has been reported that OpenJournal is prone to an authentication bypass vulnerability. This issue is caused by the application failing to properly sanitize URI specified parameters. Successful exploitation of this issue may lead to remote attackers gaining unauthorized access to online journal files associated with the application, adding new users to the database as well as a number of other possibilities.

http://www.test.com/cgi-bin/oj.cgi?db=default&uid=%00&userid=hacker&auth=adduser

Navigation

Suggest Exploit

Services By CQR