1.0Professional

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

jiro

exploit available

NVD

Published: 2006-03-14

Updated: 2018-10-18

Summary

JiRo's Banner System Experience and Professional 1.0 and earlier allows remote attackers to bypass access restrictions and gain privileges via a direct request to certain scripts in the files directory, as demonstrated by using addadmin.asp to create a new administrator account.

Vulnerable Configurations

Part	Description	Count
Application	Jiro Jiro Banner System 1.0_Experience Jiro Banner System 1.0_Professional	2

Exploit-Db

description	JiRos Banner Experience 1.0 (Create Admin Bypass) Remote Exploit. CVE-2006-1213. Webapps exploit for asp platform
id	EDB-ID:1571
last seen	2016-01-31
modified	2006-03-09
published	2006-03-09
reporter	nukedx
source	https://www.exploit-db.com/download/1571/
title	JiRos Banner Experience 1.0 Create Admin Bypass Remote Exploit

Summary

Vulnerable Configurations

Exploit-Db

References