Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:17657
HistoryJul 31, 2007 - 12:00 a.m.

Dora Emlak Script v1.0 (tr) Admin Login ByPass

2007-07-3100:00:00
vulners.com
19

Dora Emlak Script v1.0 (tr) Admin Login ByPass

ilker kandemir <ilkerkandemir[at]mynet.com>

Download: http://aspindir.com/goster/5027

TnX.: Ajann, Dumenci, H0tTurk, Str0ke

# # # # # # # # # # # # # # # # # # # # # # #

Bug in โ€ฆ/dora/administartor/yonetim/patron/default.asp

<%
cookFirstLevel = Session("FirstLevelSecurity") 'Ilk GัŒvenlik Session
cookSecondLevel = Session("SecondLevelSecurity") 'Ikinci GัŒvenlik Session
queryProc = Request.QueryString("Proc") 'Querystring Tanimi
strPageURL = Replace("/" & Request.ServerVariables("URL"),"//","/") 'Bu Sayfa Adresi
strFirstPass = "sifre1"
strSecondPass = "sifre2"
If fixWord(queryProc) = "" Then 'Eger Query Bos Ise (Normal Sayfa Acilisiysa)
If cookFirstLevel <> 1 and cookSecondLevel <> 1 Then 'Eger 1. ve 2. Seviye Sessionlar 1den Farkliysa
%>

# # # # # # # # # # # # # # # # # # # # # # #

Admin Login Panel: /administartor/yonetim/patron/admin.asp

First Login Pass: sifre1

Second Login Pass: sifre2

# # # # # # # # # # # # # # # # # # # # # # #