

A confirmed security vulnerability in 30 web sites - pain_perdu
http://seclists.org/fulldisclosure/2013/Mar/135

======
narad
I am getting "Sorry, this page is temporarily unavailable while we perform
necessary server maintenance." Good move.

~~~
pain_perdu
I'm not sure if you're saying you are getting that error from the link I
shared or one of the sublinks or even trying the proof of concept but in any
event here is a mirror of the main link just in case:
<http://pastebin.com/Yyrt2qtp>

~~~
dangrossman
It's the URLs in the script on the susceptible sites that are showing that
error if you access them yourself.

E.g.
[http://assetform.itbusinessedge.com/acl/accountController.js...](http://assetform.itbusinessedge.com/acl/accountController.jsp)

------
johnsoft
>Vendor stores database IDs in cookies which are easily spoofed
(USERID_COOKIE), allowing all user information to be accessed.

If this means what I think it means, why did it take until 2013 for this to be
discovered?

~~~
merlincorey
You mean reported publicly.

------
camus
So as i understand it , if you put the user id in a cookie it allows anyone to
"spoof" the server and login as any user but sending just a fake cookie ?

