| EDB-ID: 27054 | Author: Aliaksandr Hartsuyeu | Published: 2006-01-09 | |
| CVE: CVE-2006-0153 | Type: Webapps | Platform: PHP | |
| Aliases: N/A | Advisory/Source: Link | Tags: N/A | |
E-DB Verified:
|
Exploit:
 Download
/
View Raw
|
Vulnerable App:
|
|
source: http://www.securityfocus.com/bid/16178/info 427BB is prone to an authentication bypass vulnerability. This issue is due to a failure in the application to properly validate user-supplied data. An attacker can exploit this issue to bypass the authentication mechanism and gain access to the affected application as an administrative user. This may facilitate a compromise of the underlying system; other attacks are also possible. This issue affects version 2.2 and 2.2.1; other versions may also be vulnerable. The following demonstrates cookie-data sufficient to exploit this issue: username=admin; authenticated=1; usertype=admin;
Related Exploits
Trying to match CVEs (1): CVE-2006-0153Trying to match OSVDBs (1): 22274
Trying to match setup file: 61558403e18b95de5af20ab19da95d3b
Other Possible E-DB Search Terms: 427BB 2.2, 427BB
| Date | D | V | Title | Author |
|---|---|---|---|---|
| 2006-01-09 |
|
427BB 2.2 - 'showthread.php' SQL Injection | Aliaksandr ... | |
| 2008-06-05 |
|
427bb 2.3.1 - SQL Injection / Cross-Site Scripting | CWH Undergr... | |
| 2009-12-04 |
|
427BB 2.3.2 - SQL Injection | cr4wl3r | |
| 2005-03-01 |
|
427BB 2.x - Multiple Remote HTML Injection Vulnerabilities | Hackerloung... |