Ragnarok Online Control Panel 4.3.4 a Authentication Bypass Vulnerability

2005-07-30T00:00:00
ID EDB-ID:26055
Type exploitdb
Reporter VaLiuS
Modified 2005-07-30T00:00:00

Description

Ragnarok Online Control Panel 4.3.4 a Authentication Bypass Vulnerability. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/14429/info

Ragnarok Online Control Panel (ROCP) is prone to a vulnerability that may let remote attackers bypass user authentication. This issue is related to how PHP variables are handled, letting an attacker influence a variable that is used to check user authentication.

Exploitation could yield administrative access to the ROCP site.

This issue may be exclusive to sites hosting ROCP with Apache Web server. This has not been confirmed. 

http://www.example.com/CP/account_manage.php/login.php