Papoo Content Management System Backend Access Restriction Bypass
Jun 24 2007
_______________________________________________________________________________
* Product
Papoo Content Management System
* Vulnerable Versions
Papoo 3.6 and maybe prior
* Vendor Status
The Vendor was notified and the issue was fixed.
A patch is available at
http://www.papoo.de/index/menuid/204/reporeid/215
* Details
The Papoo Content Management System provides several administration plugins,
for instance to switch the application into debug mode or to create a database
backup. By default, these plugins are only available to the administrator. The
application, however, fails to check the user's privileges and allows any user
with access to the backend to reach these administration pages.
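The flaw described above is a missing authorization step, not a missing login: the plugins confirm that the caller is a backend user but never compare the caller's role with the privilege each plugin requires. The following added example (not Papoo's code) models that check in Python; the plugin names, role names and the two dispatcher functions are hypothetical.

```python
# Added example (not Papoo's code): models the missing authorization check
# described in the advisory. A backend user such as an editor is
# authenticated, but must not be allowed to run administrator-only plugins
# such as the database backup. Plugin and role names are hypothetical.
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    name: str
    role: str       # "admin" or "editor" (hypothetical roles)
    backend: bool   # True if the account may log in to the backend at all


# Hypothetical plugin table: plugin name -> minimum role required.
PLUGIN_MIN_ROLE = {
    "news": "editor",      # ordinary content editing
    "debug": "admin",      # toggles debug mode
    "dbbackup": "admin",   # dumps the whole database, incl. the user table
}

ROLE_RANK = {"editor": 1, "admin": 2}


def run_plugin_vulnerable(user: User, plugin: str) -> str:
    """Vulnerable pattern: only checks that the caller has backend access,
    so any backend user reaches administrator-only plugins."""
    if plugin not in PLUGIN_MIN_ROLE:
        return "unknown plugin"
    if not user.backend:
        return "denied"
    return f"ran {plugin}"


def run_plugin_fixed(user: User, plugin: str) -> str:
    """Hardened pattern: authenticate, then authorise per plugin by
    comparing the caller's role against the plugin's minimum role."""
    if plugin not in PLUGIN_MIN_ROLE:
        return "unknown plugin"
    if not user.backend:
        return "denied"
    if ROLE_RANK[user.role] < ROLE_RANK[PLUGIN_MIN_ROLE[plugin]]:
        return "denied"
    return f"ran {plugin}"


if __name__ == "__main__":
    editor = User("alice", "editor", backend=True)
    print(run_plugin_vulnerable(editor, "dbbackup"))  # ran dbbackup
    print(run_plugin_fixed(editor, "dbbackup"))       # denied
```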
The database backup plugin dumps the whole database into a file that can be
reviewed afterwards. The dump can also include the complete user table with
all usernames and password hashes. The backup page can be directly accessed
via:
If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com.