[VIM] WTF: BellaBiblio Admin Login Bypass

str0ke str0ke at milw0rm.com
Tue Jul 31 11:18:24 UTC 2007


He's been sending them into milw0rm for the past week, he knows they don't work.

/str0ke

On 7/30/07, Steven M. Christey <coley at linus.mitre.org> wrote:
>
> I just downloaded the source code and it's as you described.  Looks wrong
> to me, too - $admin_name etc. are hard-coded in config.php, which is
> included just before this code.  Not to mention that "administrator" isn't
> a valid md5 result :)
>
> - Steve
>


More information about the VIM mailing list