Bugtraq mailing list archives
Re: BellaBook Admin Bypass/Remote Code Execution
From: jem () jemjabella co uk
Date: 1 Aug 2007 17:36:47 -0000
As with your so-called bypass of BellaBiblio, this is not actually correct. You state that with the username you can gain access to the login page - but you seem to have missed the fact that the password and totally random salt are needed too? Furthermore, you're using a script designed to bypass pheap login features with a few modifications - that does nothing to my scripts.
Current thread:
- Re: BellaBook Admin Bypass/Remote Code Execution jem (Aug 01)