Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:17085
HistoryMay 25, 2007 - 12:00 a.m.

BoastMachine v3.0 platinum - Session Эd Hacking

2007-05-2500:00:00
vulners.com
52
JSON

Vagrant - E-hack.org (05.22.2007)

BoastMachine v3.0 platinum - Session Id Hacking

After the login into the site which alllows new user registration. Site
user's data which is entered to change the topic, can be changed by another
user, and that is a security hole because of ID interchangeability in URL
address space.

If the changed topic belongs to the admin it doedn't affect the free login
and site user has an authority to make changes and cop the topics.

------- >>>

Vulnerable;

http://www.xxx.com/login.php

http://www.xxx.com/user.php?action=list_posts

Edit posts;
http://www.e-hack.org/user.php?action=list_posts

Post title edit;
http://www.xxx.com/user.php?action=edit_post&blog=1&id=(155) = (Id)

New Id;
http://www.xxx.com/user.php?action=edit_post&blog=1&id=(154) = (Id)

Credits : Vagrant
Contact : [email protected]
Site : www.e-hack.org

Siz de iletisimin evrimine kat?l?n!
http://www.communicationevolved.com/tr-tr/

JSON