Phil's Bookmark Script Admin.PHP Authentication Bypass Vulnerability
BID:17878
Info
| Bugtraq ID: | 17878 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 08 2006 12:00AM |
| Updated: | May 09 2006 12:39AM |
| Credit: | [email protected] is credited with the discovery of this vulnerability. |
| Vulnerable: | Phil's Bookmark script Phil's Bookmark script 0 |
| Not Vulnerable: | |
Discussion
Phil's Bookmark script is prone to an authentication-bypass vulnerability. The issue occurs because the affected script fails to prompt for authentication credentials.
An attacker can exploit this issue to bypass authentication and gain admin access to the affected application. This could aid in further attacks on the affected computer.
Exploit / POC
This issue can be exploited through a web client.
An example URI has been provided:
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]