Penetration Testing mailing list archives

FatWire CMS


From: "Alex Eden" <Alex.Eden () senet-int com>
Date: Tue, 9 Sep 2008 13:47:54 -0400

FatWire administrator's guide says,

"The DefaultReader user account has one ACL: Browser. Because many of the
Content Server database tables have the Browser ACL assigned to them, this
means that someone could log in to a Content Server database as DefaultReader
using Content Server Explorer and examine information about your system
(although they cannot write to any tables as this user)."


Can someone provide me with more info on how I can log in to "Content Server
database as DefaultReader using Content Server Explorer"?

I can log in somewhere into something on this particular server, but all I'm
getting is this message,

"Welcome DefaultReader
Username/password validated."

What default URLs can I try to verify it?

Thanks!



