- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 22600
- Проверка EDB
-
- Пройдено
- Автор
- CDOWNS
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2003-05-14
Код:
source: https://www.securityfocus.com/bid/7595/info
Owl has been reported prone to an authentication bypass vulnerability.
The issue presents itself due to a lack of sufficient sanitization when checking the validity of usernames and passwords supplied to 'browse.php'.
An attacker may exploit this condition to bypass the Owl authentication system.
http://www.example.com/intranet/browse.php?loginname=whocares&parent=1&expand=1&order=creatorid&sortposted=ASC
- Источник
- www.exploit-db.com