Authentication Bypass in AJ Square AJ Auction and Pro Platinum Skins
CVE-2008-6965

Currently unrated

Key Information:

Vendor

Aj Square

Vendor
CVE Published:
13 August 2009

Badges

๐Ÿ‘พ Exploit Exists

What is CVE-2008-6965?

The AJ Square AJ Auction and Pro Platinum Skins have a vulnerability that enables remote attackers to bypass authentication mechanisms. Direct access to specific scripts such as site.php, auction.php, and several others within the admin directory can lead to unauthorized actions on behalf of users. This flaw occurs because redirect commands are issued without proper termination, allowing attackers to leverage direct requests to compromise the system's integrity.

References

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.