Warning! JavaScript is disabled in your browser.
Please enable JavaScript for the correct operation of the site

0day.today - Biggest Exploit Database in the World.

Select your language:

English

Русский

Deutsch

Türkçe

Français

Italiano

Español

Romania

Polskie

العربية

Japan

China

Things you should know about 0day.today:

We use one main domain: http://0day.today
Most of the materials is completely FREE
If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD

We accept currencies: [contact admin to find more]

We don't want you to use our site as a tool for hacking purposes, so any kind of action that could affect illegaly other users or websites that you don't have right to access will be banned and your account including your data will be destroyed.

Administration of this site uses the official contacts. Beware of impostors!

We DO NOT use Telegram or any messengers / social networks!

We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!

I am registered user of 0day.today. I don't want to see this screen in future.

What to do first?

Read the [ agreement ]
Read the [ Submit ] rules
Visit the [ faq ] page
[ Register ] profile
Get [ GOLD ]
If you want to [ sell ]
If you want to [ buy ]
If you lost [ Account ]
Any questions [ admin@0day.today ]

Main links

You can contact us by

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Twitter:

Telegram:

We DO NOT use Telegram or any messengers / social networks!

[ authorization ] [ registration ] [ restore account ]

You can contact us by:

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Twitter:

Telegram:

We DO NOT use Telegram or any messengers / social networks!

0day Today Exploits Market and 0day Exploits Database

RedaxScript 2.1.0 - Privilege Escalation Vulnerability

Author

shyamkumar somana

Risk

[

Security Risk High

]

0day-ID

Category

web applications

Date add

Platform

# Exploit Title: Privilege Escalation in RedaxScript 2.1.0
# Date: 11-05-2014
# Exploit Author: shyamkumar somana
# Vendor Homepage: http://redaxscript.com/
# Version: 2.1.0
# Tested on: Windows 8

#Privilege Escalation in RedaxScript 2.1.0

RedaxScript 2.1.0 suffers from a privilege Escalation vulnerability. The
issue occurs because the application fails to properly implement access
controls. The application also fails to perform proper sanity checks on the
user supplied input before processing it. These two flaws led to a
vertical privilege escalation. This can be achieved by a simply tampering
the parameter values. An attacker can exploit this issue to gain elevated
privileges to the application.

*Steps to reproduce the instance:*

· login as a non admin user

· Go to account and update the account.

· intercept the request and add “*groups[]=1*” to the post data and
submit the request

· Log out of the application and log in again. You can now browse
the application with admin privileges.

This vulnerability was addressed in the following commit.

https://github.com/redaxmedia/redaxscript/commit/bfe146f98aedb9d169ae092b49991ed1b3bc0860?diff=unified

*Timeline*:

09-26-2014: Issue identified

09-27-2014: Discussion with the vendor

10-27-2014: Issue confirmed

11-05-2014: Patch released.

Author: Shyamkumar Somana
Vendor Homepage: http://redaxscript.com/download
Version: 2.1.0
Tested on: Windows 7

--

[image: --]
shyam kumar
[image: http://]about.me/shyamkumar.somana
<http://about.me/shyamkumar.somana?promo=email_sig>

Shyamkumar Somana | +91 89513 38625 | twitter.com/0xshyam |
in.linkedin.com/in/sshyamkumar/ |

# 0day.today [2024-11-15] #

Report Error

Report Error

Thank you for your error report. We will review it as soon as possible.