Net56 Browser Based File Manager SQL Injection Authentication Bypass Vulnerability
BID:13547
Info
Net56 Browser Based File Manager SQL Injection Authentication Bypass Vulnerability
| Bugtraq ID: | 13547 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 09 2005 12:00AM |
| Updated: | May 09 2005 12:00AM |
| Credit: | Discovered by Eric Basher <[email protected]>. |
| Vulnerable: |
Net56 Browser Based File Manager 1.0 |
| Not Vulnerable: | |
Discussion
Net56 Browser Based File Manager SQL Injection Authentication Bypass Vulnerability
Net56 Browser Based File Manager is prone to an SQL injection vulnerability that could allow unauthorized users to log on as any user of the application without providing a password.
This issue was reported to affect Net56 Browser Based File Manager 1.0; other versions may be vulnerable.
Net56 Browser Based File Manager is prone to an SQL injection vulnerability that could allow unauthorized users to log on as any user of the application without providing a password.
This issue was reported to affect Net56 Browser Based File Manager 1.0; other versions may be vulnerable.
Exploit / POC
Net56 Browser Based File Manager SQL Injection Authentication Bypass Vulnerability
Exploit code is not required. This vulnerability could be exploited by entering a valid username and either ' or = in the password field of the authentication page.
Exploit code is not required. This vulnerability could be exploited by entering a valid username and either ' or = in the password field of the authentication page.
Solution / Fix
Net56 Browser Based File Manager SQL Injection Authentication Bypass Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Net56 Browser Based File Manager SQL Injection Authentication Bypass Vulnerability
References:
References:
- Browser Based File Manager (Net56)