Cookie Auth Bypass in Hot Links SQL
Summary
- Vulnerability
- Cookie Auth Bypass in Hot Links SQL
- Discovered
- 2010.11.09
- Last Update
- n/a n/a
- ID
- EV0140
- CVE
- n/a
- Risk Level
- high
- Type
- Authentication Bypass
- Status
- Unpatched. Vendor notified. No reply from developer(s)
- Vendor
- Mrcgiguy (http://www.mrcgiguy.com/)
- Vulnerable Software
- Hot Links SQL 3
- Version
- 3.2.0
- PoC/Exploit
- Available
- Solution
- Not available
- Discovered by
- Aliaksandr Hartsuyeu (eVuln.com)
Description
Authentication Bypass found in Hot Links SQL 3 script.
- Auth Bypass
- cookie Auth Bypass vulnerability found in Hot Links SQL 3. It is possible to get access to admin panel without password comparison.
PoC/Exploit
- Auth Bypass Exploit
- There is no password comparison during authentication process. Actually script checks only admin cookie. If it's value is logged in user is authenticated as Admin.
Cookie: admin=logged in
Solution.
Solution for "Cookie Auth Bypass in Hot Links SQL" is not available. Check Mrcgiguy website for updates.