Acsblog Bug

GovernmentSecurity.org > General GSO > Exploit & Vulnerability Mailing List Archives

qcred11

Apr 24 2005, 11:56 AM

QUOTE

ACSblog bug

A asp weblog with manageable code blocks and logical structure make it easy for the novice to get into the code and customize it to your site. Full-featured enough for expert bloggers
vendor:www.asppress.com

Where is the bug ?

inc_login_check.asp

<% if request.cookies(cookiename)="in" then
ihaveadminright=true
else
ihaveadminright=false
end if
%>

---------------
Default cookiename is "ACSBlog12345" and you can create a cookie or using http headers -> ACSBlog12345=in
---------------

vulnerable versions:
0.8
1.0
1.0.1
1.0.2
1.0.3
1.1
1.1.2
1.1.3
Commercial Version

3NITRO : www.bahadorlover.com

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.