source: http://www.securityfocus.com/bid/7595/info Owl has been reported prone to an authentication bypass vulnerability. The issue presents itself due to a lack of sufficient sanitization when checking the validity of usernames and passwords supplied to 'browse.php'. An attacker may exploit this condition to bypass the Owl authentication system. http://www.example.com/intranet/browse.php?loginname=whocares&parent=1&expand=1&order=creatorid&sortposted=ASC
Related Exploits
Other Possible E-DB Search Terms: Owl Intranet Engine 0.7, Owl Intranet Engine| Date | D | V | Title | Author |
|---|---|---|---|---|
| 2006-03-07 |  |
|
OWL Intranet Engine 0.82 - (xrms_file_root) Code Execution | rgod |
| 2008-07-28 | |
|
Owl Intranet Engine 0.95 - 'register.php' Cross-Site Scripting | Fabian Fing... |
| 2011-12-15 | |
|
Owl Intranet Engine 1.00 - 'userid' Parameter Authentication Bypass | RedTeam Pen... |