View Full Version : Gonafish.com
XandroZ
September 5th, 2006, 11:23 AM
Gonafish.com LinksCaffe 2.0 and 3.0 do not properly restrict access to administrator functions, which allows remote attackers to gain full administration rights via a direct request to Admin/admin1953.php
TNT
September 5th, 2006, 09:17 PM
-{ Quote: "Gonafish.com LinksCaffe 2.0 and 3.0 do not properly restrict access to administrator functions, which allows remote attackers to gain full administration rights via a direct request to Admin/admin1953.php" }-I think this is stuff for BugTraq (http://www.securityfocus.com/archive/1) (providing you post some technical explanation), as this forum doesn't really discuss exploitable vulnerabilities in software packages, at least in a "full disclosure" way (admins correct me if I'm wrong).
Bubba
September 5th, 2006, 10:00 PM
-{ Quote: "this forum doesn't really discuss exploitable vulnerabilities in software packages, at least in a "full disclosure" way" }-Correct....however I believe the thread starter is providing an informational thread about a vulnerability and has simply failed to provide a link to the Alert.
For example:
Vulnerability Summary CVE-2006-4462 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-4462)
-{ Quote: "Overview
Gonafish.com LinksCaffe 2.0 and 3.0 do not properly restrict access to administrator functions, which allows remote attackers to gain full administration rights via a direct request to Admin/admin1953.php." }-
vBulletin® Copyright ©2000-2013, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2013, Wilders Security Forums