Computer Security

Security Advisory: Dora Emlak Script v1.0 (tr) Admin Login ByPass
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  BellaBook Admin Bypass/Remote Code Execution

  BellaBiblio Admin Login Bypass

  RFI ====> vBulletin v3.6.5

  phpVoter v0.6 Remote File Include Vulnerability

From:ilkerKandemir_(at)_mynet.com <ilkerKandemir_(at)_mynet.com>
Date:31.07.2007
Subject:Dora Emlak Script v1.0 (tr) Admin Login ByPass

# Dora Emlak Script v1.0 (tr) Admin Login ByPass

# ilker kandemir <ilkerkandemir[at]mynet.com>

# Download: http://aspindir.com/goster/5027

# TnX.: Ajann, Dumenci, H0tTurk, Str0ke

# # # # # # # # # # # # # # # # # # # # # # # # #

# Bug in ../dora/administartor/yonetim/patron/default.asp

<%
cookFirstLevel = Session("FirstLevelSecurity") 'Ilk Gьvenlik Session
cookSecondLevel = Session("SecondLevelSecurity") 'Ikinci Gьvenlik Session
queryProc = Request.QueryString("Proc") 'Querystring Tanimi
strPageURL = Replace("/" & Request.ServerVariables("URL"),"//",
"/") 'Bu Sayfa Adresi
strFirstPass = "sifre1"
strSecondPass = "sifre2"
If fixWord(queryProc) = "" Then 'Eger Query Bos Ise (Normal Sayfa Acilisiysa)
If cookFirstLevel <> 1 and cookSecondLevel <> 1 Then 'Eger 1. ve 2. Seviye Sessionlar 1den Farkliysa
%>

# # # # # # # # # # # # # # # # # # # # # # # # #

# Admin Login Panel: /administartor/yonetim/patron/admin.asp

# First Login Pass: sifre1

# Second Login Pass: sifre2

# # # # # # # # # # # # # # # # # # # # # # # # #

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server