PHProjekt 2.x/3.x Login Bypass Vulnerability

ID EDB-ID:21421
Type exploitdb
Reporter Ulf Harnhammar
Modified 2002-04-25T00:00:00


PHProjekt 2.x/3.x Login Bypass Vulnerability. CVE-2002-1757. Webapps exploit for php platform


PHProjekt is a freely available, open source PHP Groupware package. It is actively maintained by the PHPProjekt Development Team. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems.

Some of the PHProjekt scripts are only intended to be accessed by users who have been authenticated. However, it has been reported that it is possible for an unauthenticated attacker to access these scripts via a specially crafted web request.

where the extraneous "sms" is included to be passed to the $PHP_SELF variable as part of the PATH_INFO. This causes PHPProjekt to behave as though the attacker accessing the script is logged on to PHPProjekt as a legitimate user.