SecurityFocus BUGTRAQ Mailing List: BugTraq

To: BugTraq
Subject: Admin Access Vulnerability in Community Wizard
Date: Sep 19 2003 8:40PM
Author: Bahaa Naamneh
Message-ID: <20030919204017.31211.qmail@sf-www1-symnsj.securityfocus.com>

Admin Access Vulnerability in Community Wizard

Affected Systems: Community Wizard version 5.1 (and possibly earlier versions)
Vendor: http://www.sepcity.com , http://www.commwiz.com
Issue: gain admin access
Released: 18 September 2003

Introduction:
=============
"Community Wizard allows anyone to run their own web Portal site without any programming knowledge. Features include: user login/signup, site search, user profiles, content management, user management, adserver, search engines, forums, file libraries, guestbook, instant messenger, full administration section to allow the admin to manage the web site with page editors, module editors, general setup, site layout and several modules."

Details:
========
It is possible to gain admin access due to a flaw in the 'login.asp' file. Because the script that checks the username and the password is flawed, admin access can be gained by entering the string 'or''=' as the password; the username does not matter, and you can enter anything in the Username field.

Username: whatever
Password: 'or''='

Vendor status:
==============
The vendor has been informed, and the bug has been fixed, as they told me.
Discovered by/Credit:
=====================
Bahaa Naamneh
b_naamneh hotmail com
http://www.bsecurity.tk
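To show why the password string quoted in the Details section defeats the login check, here is an added Python/sqlite3 model (editor's example, not Community Wizard's own code; the product's real ASP source, schema and admin credentials are not on the page, so the table and password below are constructed placeholders). It builds the login query by string concatenation, as the advisory describes, next to a parameterized version, and runs the same input through both.

```python
import sqlite3

# Constructed sample user table standing in for the portal's real user store.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT, is_admin INTEGER)")
    db.execute("INSERT INTO users VALUES ('admin', 'PLACEHOLDER-PASSWORD', 1)")
    db.execute("INSERT INTO users VALUES ('guest', 'PLACEHOLDER-GUEST', 0)")
    db.commit()
    return db

def login_concatenated(db, username, password):
    """Flawed check: user input is pasted straight into the SQL text.

    With password 'or''=' the WHERE clause becomes
        username='whatever' AND password='' or ''=''
    and ''='' is true for every row, so the first row (admin) is returned.
    """
    sql = ("SELECT username, is_admin FROM users WHERE username='" + username
           + "' AND password='" + password + "'")
    row = db.execute(sql).fetchone()
    return {"username": row[0], "is_admin": bool(row[1])} if row else None

def login_parameterized(db, username, password):
    """Hardened check: bound parameters, so quotes in the input stay data."""
    row = db.execute(
        "SELECT username, is_admin FROM users WHERE username=? AND password=?",
        (username, password),
    ).fetchone()
    return {"username": row[0], "is_admin": bool(row[1])} if row else None

if __name__ == "__main__":
    db = make_db()
    # The exact input pair given in the advisory.
    print("concatenated :", login_concatenated(db, "whatever", "'or''='"))
    print("parameterized:", login_parameterized(db, "whatever", "'or''='"))
```

Running the block prints an admin session for the concatenated query and None for the parameterized one, which is the whole of the fix the vendor needed in login.asp.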