• info
• discussion
• exploit
• solution
• references

Orion-Blog CVE-2007-1471 Security Bypass Vulnerability

Orion-Blog is prone to a security bypass vulnerability. admin/default.asp in Orion-Blog 2.0 allows remote attackers to bypass authentication controls and gain privileges via a direct URL request for admin/AdminBlogNewsEdit.asp.