header-logo
Suggest Exploit
vendor:
N/A
by:
Anonymous
8.8
CVSS
HIGH
Authentication Bypass
287
CWE
Product Name: N/A
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020

Unauthenticated Access to Admin Page

This vulnerability allows an attacker to access the admin page without authentication. The attacker can pass parameters to the page and access the page without any authentication. The vulnerability can be patched by adding a line of code to check if the request URI contains the admin page and exit if it does.

Mitigation:

The vulnerability can be patched by adding a line of code to check if the request URI contains the admin page and exit if it does.
Source

Exploit-DB raw data:

When this hole was brought to our attention, we were amazed to find that it seems nobody has caught it yet!! There is a page in the admin that can be access without login AND can pass parameters!!

/admin/mail.php/login.php
/admin/mail.php/login.php?fooled
/admin/mail.php/login.php?action=send_email_to_user

All work! 

We "patched" this hole by adding this line of code: 

if(strstr($_SERVER['REQUEST_URI'], "/admin/mail.php/login.php" ) !== false){
        echo "<h1>NO ACCESS</h1>";
        exit;
}


Go fix your carts!!!!