Magic Downloads Unauthorized Data Modification

CVE	Category	Price	Severity
CVE-2006-0722	CWE-123	$500	Critical

Author	Risk	Exploitation Type	Date
ExploitMaster	High	Remote	2006-02-25

CPE
cpe:cpe:/a:microsoft:internet_explorer:8.0.6001:beta

Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2006020072

Below is a copy:

New eVuln Advisory:
Magic Downloads Unauthorized Data Modification
http://evuln.com/vulns/73/summary.html

--------------------Summary----------------
eVuln ID: EV0073
CVE: CVE-2006-0722
Vendor: Reamday Enterprises
Vendor's Web Site: http://reamdaysoft.com
Software: Magic Downloads
Sowtware's Web Site: http://reamdaysoft.com/customers/magic-downloads/download.html
Versions: 1.1.3
Critical Level: Moderate
Type: Unauthorized Data Modification
Class: Remote
Status: Unpatched. No reply from developer(s)
Exploit: Available
Solution: Not Available
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)

-----------------Description---------------
Unauthorized Data Modification

Vulnerable script: settings.php

Variables $action $passwd $admin_password $new_passwd $confirm_passwd are not initialized and their values can be replaced by user-defined data. This can be used to make unauthorized modifications in config.php

Condition: register_globals = ON

--------------Exploit----------------------
Available at: http://evuln.com/vulns/73/exploit.html

--------------Solution---------------------
No Patch available.

--------------Credit-----------------------
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)

Regards,
Aliaksandr Hartsuyeu
http://evuln.com - Penetration Testing Services
.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum