Bugtraq mailing list archives

ACSblog bug
From: farhad koosha <farhadkey () yahoo com>
Date: 23 Apr 2005 17:10:21 -0000



*/ WWW.BAHADORLOVER.COM \*

ACSblog :
An ASP weblog with manageable code blocks and logical structure that make it easy for the novice to get into the code and customize it to your site. Full-featured enough for expert bloggers.

vendor: www.asppress.com

Where is the bug?

inc_login_check.asp 

<% if request.cookies(cookiename)="in" then
ihaveadminright=true
else
ihaveadminright=false
end if
%>

---------------

The default cookiename is "ACSBlog12345", and you can create a cookie or use HTTP headers -> ACSBlog12345=in

---------------

vulnerable versions:
0.8
1.0
1.0.1
1.0.2
1.0.3
1.1
1.1.2
1.1.3
Commercial Version

3NITRO : www.bahadorlover.com
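
The check quoted in the post, set beside a hardened form, as an added example that is not part of the original post or of ACSblog's code. It is written in Python rather than ASP so it can be run anywhere; SERVER_KEY, MAX_AGE, the token layout and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

COOKIE_NAME = "ACSBlog12345"          # default cookie name quoted in the post
SERVER_KEY = secrets.token_bytes(32)  # assumption: per-install secret kept on the server
MAX_AGE = 1800                        # assumption: admin session lifetime in seconds


def flawed_check(cookies):
    """Same logic as inc_login_check.asp: trusts a constant the client supplies."""
    return cookies.get(COOKIE_NAME) == "in"


def issue_token(user, now=None, key=SERVER_KEY):
    """Build the cookie value; call only after the password check has succeeded."""
    if "|" in user:
        raise ValueError("user name must not contain the field separator")
    issued = int(time.time() if now is None else now)
    payload = f"{user}|{issued}|{secrets.token_hex(8)}"
    mac = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}|{mac}"


def hardened_check(cookies, now=None, key=SERVER_KEY):
    """Grant admin rights only for an unexpired token whose MAC the server can verify."""
    parts = cookies.get(COOKIE_NAME, "").split("|")
    if len(parts) != 4:
        return False
    payload = "|".join(parts[:3])
    expected = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(parts[3].encode(), expected.encode()):
        return False
    age = (time.time() if now is None else now) - int(parts[1])  # safe: MAC verified
    return 0 <= age <= MAX_AGE


if __name__ == "__main__":
    constant = {COOKIE_NAME: "in"}  # constructed sample request cookies
    print("flawed check, constant cookie:  ", flawed_check(constant))
    print("hardened check, constant cookie:", hardened_check(constant))
    issued = {COOKIE_NAME: issue_token("admin")}
    print("hardened check, issued token:   ", hardened_check(issued))
```

In Classic ASP itself the same effect is usually obtained by keeping the admin flag in the server-side Session object rather than in a cookie value.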


