Penetration Testing mailing list archives
FatWire CMS
From: "Alex Eden" <Alex.Eden () senet-int com>
Date: Tue, 9 Sep 2008 13:47:54 -0400
FatWire administrator's guide says, "The DefaultReader user account has one ACL: Browser. Because many of the Content Server database tables have the Browser ACL assigned to them, this means that someone could log in to a Content Server database as DefaultReader using Content Server Explorer and examine information about your system (although they cannot write to any tables as this user)." Can someone provide me with more info how can I log in " Content Server database as DefaultReader using Content Server Explorer"? I can log in somewhere into something on this particular server, but all I'm getting is this message, "Welcome DefaultReader Username/password validated." What default URLs I can try to verify it? Thanks! ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- FatWire CMS Alex Eden (Sep 09)