Full Disclosure mailing list archives
SmartSiteCMS v1.0 authentication bypass
From: Paulino Calderon <nah () suckea com>
Date: Tue, 08 Aug 2006 22:10:11 -0700
SmartSiteCMS v1.0 authentication bypass

STATUS:
I contacted the vendor more than 2 months ago and still no response.

TECHNICAL INFO
================================================================
One of the worst CMS I've ever seen regarding security, no input sanitation at all.
Bypassing authentication just requires creating a cookie named "userName"

Vulnerable code: admin.php line 43
--------------------------------
<?php
if (isset($_COOKIE['userName'])) {
--------------------------------

VULNERABLE VERSIONS
---------------------------------------------------------------
I've only tested v1.0
---------------------------------------------------------------

Contact information
:Paulino Calderon
:nahsuckea.com
:http://nah.suckea.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
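Added example, not part of the original post and not SmartSiteCMS code: the cookie-presence check quoted in the advisory next to a server-side alternative, for comparison when auditing or patching similar gates. All function names, the `auth_user` key and the sample account are hypothetical, and plain arrays stand in for `$_COOKIE` and `$_SESSION` so the script runs from the PHP CLI.

```php
<?php
// Pattern from the advisory: the decision rests on a value the client supplies,
// and only its presence is tested, never its content.
function is_admin_vulnerable(array $cookies): bool
{
    return isset($cookies['userName']);
}

// Hardened: the identity is written to server-side session state, and only
// after the submitted password matches the stored hash.
function login(array &$session, array $users, string $user, string $password): bool
{
    $hash = $users[$user] ?? null;
    if ($hash === null || !password_verify($password, $hash)) {
        return false;
    }
    $session['auth_user'] = $user;
    return true;
}

// The gate reads only server-side state and re-checks that the account exists.
function is_admin_hardened(array $session, array $users): bool
{
    $user = $session['auth_user'] ?? null;
    return is_string($user) && isset($users[$user]);
}

// Constructed sample data.
$users   = ['admin' => password_hash('correct horse', PASSWORD_DEFAULT)];
$cookies = ['userName' => 'anything']; // client-supplied, as in the advisory
$session = [];                         // stands in for $_SESSION

// Cookie-only gate evaluated against the client-supplied cookie.
var_dump(is_admin_vulnerable($cookies));
// Session gate before any login has taken place.
var_dump(is_admin_hardened($session, $users));
// Failed login, then a successful one, then the session gate again.
var_dump(login($session, $users, 'admin', 'wrong password'));
var_dump(login($session, $users, 'admin', 'correct horse'));
var_dump(is_admin_hardened($session, $users));
```

In a deployed application the session array would be `$_SESSION` after `session_start()`, with `session_regenerate_id(true)` called on successful login.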