source: http://www.securityfocus.com/bid/7595/info Owl has been reported prone to an authentication bypass vulnerability. The issue presents itself due to a lack of sufficient sanitization when checking the validity of usernames and passwords supplied to 'browse.php'. An attacker may exploit this condition to bypass the Owl authentication system. http://www.example.com/intranet/browse.php?loginname=whocares&parent=1&expand=1&order=creatorid&sortposted=ASC
Related Exploits
Other Possible E-DB Search Terms: Owl Intranet Engine 0.7, Owl Intranet EngineDate | D | V | Title | Author |
---|---|---|---|---|
2006-03-07 |
![]() |
OWL Intranet Engine 0.82 - 'xrms_file_root' Code Execution | rgod | |
2008-07-28 |
![]() |
Owl Intranet Engine 0.95 - 'register.php' Cross-Site Scripting | Fabian Fing... | |
2011-12-15 |
![]() |
Owl Intranet Engine 1.00 - 'userid' Authentication Bypass | RedTeam Pen... |