9 lines
No EOL
473 B
Text
Executable file
9 lines
No EOL
473 B
Text
Executable file
source: http://www.securityfocus.com/bid/7595/info
|
|
|
|
Owl has been reported prone to an authentication bypass vulnerability.
|
|
|
|
The issue presents itself due to a lack of sufficient sanitization when checking the validity of usernames and passwords supplied to 'browse.php'.
|
|
|
|
An attacker may exploit this condition to bypass the Owl authentication system.
|
|
|
|
http://www.example.com/intranet/browse.php?loginname=whocares&parent=1&expand=1&order=creatorid&sortposted=ASC |