Multiple HIOX Products 'admin/passwo.php' Authentication Bypass Vulnerability
BID:30448
Info
Multiple HIOX Products 'admin/passwo.php' Authentication Bypass Vulnerability
| Bugtraq ID: | 30448 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 30 2008 12:00AM |
| Updated: | Jul 31 2008 03:37PM |
| Credit: | Stack |
| Vulnerable: |
HIOX HIOX Random Ad 1.3 HIOX HIOX Browser Statistics 2.0 |
| Not Vulnerable: | |
Discussion
Multiple HIOX Products 'admin/passwo.php' Authentication Bypass Vulnerability
Multiple HIOX Products are prone to an authentication-bypass vulnerability.
An attacker can exploit this issue to gain unauthorized administrative access to the applications. Successfully exploiting this issue will compromise the affected applications.
The following applications are vulnerable:
HIOX Browser Statistics 2.0
HIOX Random Ad 1.3
Multiple HIOX Products are prone to an authentication-bypass vulnerability.
An attacker can exploit this issue to gain unauthorized administrative access to the applications. Successfully exploiting this issue will compromise the affected applications.
The following applications are vulnerable:
HIOX Browser Statistics 2.0
HIOX Random Ad 1.3
Exploit / POC
Multiple HIOX Products 'admin/passwo.php' Authentication Bypass Vulnerability
Attackers may exploit this issue through a browser.
The following example scripts are available:
Attackers may exploit this issue through a browser.
The following example scripts are available:
Solution / Fix
Multiple HIOX Products 'admin/passwo.php' Authentication Bypass Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Multiple HIOX Products 'admin/passwo.php' Authentication Bypass Vulnerability
References:
References:
- HIOX Homepage (HIOX)