Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

openjournal2.5.txt

🗓️ 07 Feb 2004 00:00:00Reported by Tri HuynhType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 33 Views

Open Journal versions 2.5 and below have an authentication bypass vulnerability via uid parameter.

Code
`Open Journal Blog Authenticaion Bypassing Vulnerability  
=================================================  
  
PROGRAM: Open Journal  
HOMEPAGE: http://www.grohol.com/downloads/oj/  
VULNERABLE VERSIONS: 2.5 and below  
  
  
DESCRIPTION  
=================================================  
  
OpenJournal is a completely Web-based interface  
(say bye-bye to FTP, manual archiving, etc.). Features  
include: automated file creation; automated index  
updating; editing of all files through a Web-based  
interface; entries with or without titles and time posted;  
automated archiving based on a weekly or monthly format.  
All done through ordinary text files and no additional  
perl modules needed to run it  
  
DETAILS  
=================================================  
By feeding special crafted data into the uid parameter of the URL, an  
attacker  
can by pass the authentication process and access directly  
to the software's control panel.  
The below example will let the hacker add a new user to the software  
account database.  
  
http://www.test.com/cgi-bin/oj.cgi?db=default&uid=%00&userid=hacker&auth=adduser  
  
  
WORKAROUND  
=================================================  
Open Journal's author (Dr John Grohol) is contacted.A patched version  
(2.6) is ready for downloading on the website.  
  
  
CREDITS  
=================================================  
  
Discovered by Tri Huynh from SentryUnion  
  
  
DISLAIMER  
=================================================  
  
The information within this paper may change without notice. Use of  
this information constitutes acceptance for use in an AS IS condition.  
There are NO warranties with regard to this information. In no event  
shall the author be liable for any damages whatsoever arising out of  
or in connection with the use or spread of this information. Any use  
of this information is at the user's own risk.  
  
  
FEEDBACK  
=================================================  
  
Please send suggestions, updates, and comments to: [email protected]  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
07 Feb 2004 00:00Current
7.4High risk
Vulners AI Score7.4
open journalvulnerabilityauthentication bypassweb-based interfacecontrol panel accesspatched version.
33