/////-------------------------------------------------------///
// Uploaded by Xtreme @ Scriptmafia.org ///
//--------Xtreme-Web.net------------------------- ///
/////-------------------------------------------------------///
/////----------------SCRIPT INFO.......---------------------------------------///

File Size:1.1 MB
Latest Release:12th July, 2007
Version:1.4.7
Price: $90.00
Demo Details
Demo Url: http://demos.kubelabs.com/kubelance/

Admin Url: http://demos.kubelabs.com/kubelance/adm/
Admin User: demo
Admin Pass: demo

/////-----------------------END SCRIPT INFO--------------------------------///
Create a site where buyers can post projects/jobs and providers can bid on them. You charge a fee for each project/job created.

Feature List

Easy to edit html template files
Simple wizard installation
Charge a fee for each project and job
Plugin payment system (allows for additional payment methods to be installed easily)
Supports Paypal and NoChex
Easy to edit language files
No need to setup a cronjob
Powerful Admin panel for controlling your site
1 year of upgrades

/////----------------------END DESCRIPTION----------------------------------///
/////--------------END ALL----------------------------------------------------------///

Vendor Site: http://ugamela.com
Download: http://itablackhawk.altervista.org/ogameclone.rar <- do copy/paste with this link otherwise the system will give you a 404 error
Type: Login Bypass
Severity: Hight
Patch: You can patch all manually by reading the last part of the advisory


Vuln Explanation:

The authentication check of this script doesn't work properly:



the use of the header function do not stop the execution of the code, so an attacker may build a special script to send command to the site without even have a registered account.
I think that even the official site might be vulnerable, even if it is working with the 0.6 version of the script.
I'll try to contact the authors to get the last version of the script and check.
If so, you'll find it nearly on this pages. ;)


Solution: The only way to solve this problem is changing the previously lines in all admin files with this lines:

/////-------------------------------------------------------///
// Uploaded by Xtreme @ Scriptmafia.org ///
//--------Xtreme-Web.net------------------------- ///
/////-------------------------------------------------------///
/////----------------SCRIPT INFO.......---------------------------------------///

- Script Name : Rayzz - Youtube Clone Script

Youtube clone, Metacafe clone, Myspace clone, Vidilife Clone

A community style clone of youtube, myspace like profile customization, fun stuff like vidilife,
functions like metacafe, so the net result you get an all in one product which is amazing

////----------------------------------------------------------------------------------------------------------///