Web Insecurity

PHP TopSites Setup.PHP Authentication Bypass Vulnerabili

July 22nd, 2005

PHP TopSites is prone to an authentication bypass vulnerbility. An attacker may bypass authentication and gain access to the vulnerable application.

Once access has been achieved, the malicious user has full control of the application. This may aid in further attacks against the underlying system.

Vulnerable Versions:
PHP TopSites PRO PHP TopSites PRO 2.2
PHP Topsites FREE PHP Topsites FREE 2.2

The orignal vulnerability post can be found here.

Entry Filed under: Vulnerabilities

Some HTML allowed:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Trackback this post | Subscribe to the comments via RSS Feed

Calendar

July 2005
M	T	W	T	F	S	S
		Jan »
	1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31

Most Recent Posts

Are IP Addresses Personal Information?
Kernell Faces Possible Jail Time
Server Outage, Lost Posts
New ModSecurity!
Behavioral Targeting Industry Standards
Old School Exploits
and the Script Kiddie Is... David Kernell
Friday Favorite - QuickTime Vulnerability
Adobe Illustrator Malformed AI File Remote Code Execution Vulnerability
Three days, five different Drupal vulnerabilities

PHP TopSites Setup.PHP Authentication Bypass Vulnerabili

Leave a Comment

Calendar

Most Recent Posts