Ugamela (Ogame clone) 0.2 Login Bypass



Vendor Site: http://ugamela.com
Download: http://itablackhawk.altervista.org/ogameclone.rar <- copy/paste this link, otherwise the system will give you a 404 error
Type: Login Bypass
Severity: High
Patch: All affected files can be patched manually by following the last part of the advisory


Vuln Explanation:

The authentication check of this script does not work properly:

// check that the user is logged in and has admin permissions
if(!check_user()){ header("Location: ./../login.php"); }
if($user['authlevel']!="3"&&$user['authlevel']!="1"){ header("Location: ../login.php");}


The header() function only sets a response header; it does not stop execution of the script. The rest of the admin page therefore still runs for an unauthenticated request, so an attacker can send admin commands to the site without even having a registered account.
I think that even the official site might be vulnerable, even though it runs version 0.6 of the script.
I'll try to contact the authors to get the latest version of the script and check.
If so, you'll find it soon on these pages. ;)


Solution: The only way to solve this problem is to change the lines above in all admin files to the following, so that the script terminates immediately after issuing the redirect:

// check that the user is logged in and has admin permissions
if(!check_user()){ header("Location: ./../login.php"); exit;}
if($user['authlevel']!="3"&&$user['authlevel']!="1"){ header("Location: ../login.php");exit;}
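Because the same mistake has to be fixed in every admin file, a quick static check is useful for finding redirects that are not followed by exit/die. The following Python script is an added example, not part of the advisory or of Ugamela; the PHP snippets it scans are constructed in the style of the checks quoted above.

```python
import re

# Constructed sample modelled on the vulnerable Ugamela admin check (not a real file).
VULNERABLE = '''<?php
if(!check_user()){ header("Location: ./../login.php"); }
if($user['authlevel']!="3"&&$user['authlevel']!="1"){ header("Location: ../login.php");}
delete_planet($_GET['id']);
'''

# Constructed sample of the patched form: every redirect is followed by exit.
PATCHED = '''<?php
if(!check_user()){ header("Location: ./../login.php"); exit;}
if($user['authlevel']!="3"&&$user['authlevel']!="1"){
    header("Location: ../login.php");
    exit();
}
delete_planet($_GET['id']);
'''

# A header("Location: ...") call, including its terminating semicolon.
REDIRECT = re.compile(r'header\s*\(\s*["\']Location:[^)]*\)\s*;')
# Anything that actually stops the script after the redirect.
TERMINATOR = re.compile(r'\b(exit|die)\b')


def find_unterminated_redirects(php_source):
    """Return 1-based line numbers of header("Location: ...") calls that are
    not followed by exit/die before the enclosing block closes."""
    findings = []
    for m in REDIRECT.finditer(php_source):
        tail = php_source[m.end():]
        # Only look at the rest of the current block (up to the next '}'),
        # or, if there is no closing brace, at the next two lines.
        brace = tail.find('}')
        scope = tail if brace == -1 else tail[:brace]
        scope = '\n'.join(scope.split('\n')[:3])
        if not TERMINATOR.search(scope):
            line_no = php_source.count('\n', 0, m.start()) + 1
            findings.append(line_no)
    return findings


if __name__ == '__main__':
    print('vulnerable sample:', find_unterminated_redirects(VULNERABLE))
    print('patched sample:   ', find_unterminated_redirects(PATCHED))
```

Run it over the admin/ directory of an installation to list the lines that still need the exit added; an empty result for a file means every redirect there terminates the script.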