JitBit HelpDesk < 9.0.2 - Authentication Bypass

EDB-ID:

42776

CVE:

N/A


Author:

Kc57

Type:

webapps


Platform:

ASP

Date:

2017-09-22


# Exploit Title: JitBit HelpDesk <= 9.0.2 Broken Authentication
# Google Dork: "Powered by Jitbit HelpDesk" -site:jitbit.com
# Date: 09/22/2017
# Exploit Author: Rob Simon (Kc57) - TrustedSec www.trustedsec.com
# Vendor Homepage: https://www.jitbit.com/helpdesk/
# Download Link: https://static.jitbit.com/HelpDeskTrial.zip
# Version: 9.0.2
# Tested on: Windows Server 2012
# CVE : NA

Proof of Concept:

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42776.zip