AlGuest is a powerful guestbook based on a MySQL database. It has a complete administration tool, supports two languages (new languages can be added easily) and has a very nice graphical interface. It is light and fast. A security vulnerability in the product allows an attacker to be treated as an administrator simply by setting a fake "admin" cookie in their browser: the application checks only that the cookie exists, not that it carries valid administrator credentials.
Credit:
The information has been provided by MOD.
Vulnerable systems:
AlGuest version 1.0
AlGuest is a guestbook written in PHP. A major flaw in the program allows any user to reach the administrator panel. The administration code never verifies the administrator credentials (username and password) that the cookie is supposed to carry; it only tests whether the cookie is present at all, with "elseif(isset($admin))". Because register_globals maps a request cookie named "admin" onto the variable $admin, an attacker can create such a cookie with any value and is granted access to the administrator panel.
Possible solution:
The reporter suggests a check of the form "elseif(isset($HTTP_COOKIE_VARS['admin'] == $password && $username))". Note that as written this is not valid PHP: isset() accepts only variables, not the result of a comparison. The intended check is that the cookie must match the stored administrator credentials rather than merely exist, i.e. something like "elseif(isset($HTTP_COOKIE_VARS['admin']) && $HTTP_COOKIE_VARS['admin'] == $password)". Even that leaves the administrator password sitting in a cookie that can be replayed by anyone who captures it; a more robust fix keeps the administrator state in a server-side session created only after a successful login, or binds the cookie to a server-side secret so it cannot be forged.
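The following is an added example, not AlGuest's own code, that models the flaw and one way to close it in modern PHP. The vulnerable function reproduces the "cookie exists, therefore admin" logic described above; the hardened function assumes a login handler issues a cookie of the form "username:hmac", where the HMAC is computed with a server-side secret (here a hypothetical config value) over the username and the stored password hash, so the cookie cannot be forged without the secret and stops working when the password changes. All values below are constructed for the demonstration.

```php
<?php
// Added example modelling the AlGuest cookie check; not code from the project.

// --- Vulnerable check, equivalent to elseif(isset($admin)) under register_globals ---
// $cookies stands in for $HTTP_COOKIE_VARS / $_COOKIE.
function isAdminVulnerable(array $cookies): bool
{
    // Presence alone grants access; the cookie's value is never inspected.
    return isset($cookies['admin']);
}

// --- Hardened check ---
// Assumption: the login handler calls issueAdminCookie() after verifying the
// password with password_verify(), and $secret is loaded from configuration
// stored outside the web root (hypothetical; not part of AlGuest).
function issueAdminCookie(string $username, string $storedHash, string $secret): string
{
    $mac = hash_hmac('sha256', $username . "\0" . $storedHash, $secret);
    return $username . ':' . $mac;
}

function isAdminHardened(array $cookies, string $adminUser, string $storedHash, string $secret): bool
{
    if (!isset($cookies['admin']) || !is_string($cookies['admin'])) {
        return false;
    }
    $parts = explode(':', $cookies['admin'], 2);
    if (count($parts) !== 2) {
        return false;
    }
    [$username, $mac] = $parts;
    if ($username !== $adminUser) {
        return false;
    }
    $expected = hash_hmac('sha256', $username . "\0" . $storedHash, $secret);
    // Constant-time comparison so the MAC cannot be recovered byte by byte.
    return hash_equals($expected, $mac);
}

// --- Demonstration with constructed values ---
$secret     = 'server-side-secret-from-config';   // constructed; keep real secrets out of source
$adminUser  = 'admin';
$storedHash = password_hash('correct horse battery staple', PASSWORD_DEFAULT);

// An attacker sets an arbitrary "admin" cookie, as the advisory describes.
$forged = ['admin' => '1'];
echo "forged cookie, vulnerable check: ", var_export(isAdminVulnerable($forged), true), "\n";
echo "forged cookie, hardened check:   ", var_export(isAdminHardened($forged, $adminUser, $storedHash, $secret), true), "\n";

// A cookie issued by the (assumed) login handler still passes the hardened check.
$genuine = ['admin' => issueAdminCookie($adminUser, $storedHash, $secret)];
echo "genuine cookie, hardened check:  ", var_export(isAdminHardened($genuine, $adminUser, $storedHash, $secret), true), "\n";

// Reusing a valid MAC with a different username is rejected.
$tampered = ['admin' => 'someone:' . explode(':', $genuine['admin'], 2)[1]];
echo "tampered cookie, hardened check: ", var_export(isAdminHardened($tampered, $adminUser, $storedHash, $secret), true), "\n";
```

Run with `php example.php`. The forged cookie is accepted by the vulnerable check and rejected by the hardened one; only the cookie produced by issueAdminCookie() passes, and altering its username part invalidates it. A server-side session set only after password_verify() succeeds achieves the same goal with less code; the signed-cookie variant is shown because it stays closest to the cookie-based design the advisory describes.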