Cookie Auth Bypass in Hot Links SQL

Summary

Vulnerability
Cookie Auth Bypass in Hot Links SQL
Discovered
2010.11.09
Last Update
n/a n/a
ID
EV0140
CVE
n/a
Risk Level
high
Type
Authentication Bypass
Status
Unpatched. Vendor notified. No reply from developer(s)
Vendor
Mrcgiguy (http://www.mrcgiguy.com/)
Vulnerable Software
Hot Links SQL 3
Version
3.2.0
PoC/Exploit
Available
Solution
Not available
Discovered by
Aliaksandr Hartsuyeu (eVuln.com)

Description

Authentication Bypass found in Hot Links SQL 3 script.

Auth Bypass
cookie Auth Bypass vulnerability found in Hot Links SQL 3. It is possible to get access to admin panel without password comparison.

PoC/Exploit

Auth Bypass Exploit
There is no password comparison during authentication process. Actually script checks only admin cookie. If it's value is logged in user is authenticated as Admin.

Cookie: admin=logged in

Solution.

Solution for "Cookie Auth Bypass in Hot Links SQL" is not available. Check Mrcgiguy website for updates.