AOH :: Web BBS :: etc :: WEB4987.HTM

AOH :: Web BBS :: etc :: WEB4987.HTM
Allair forums allows impersonation of other users

10th Jan 2002 [SBWID-4987]

COMMAND

	Allair forums allows impersonation of other users

SYSTEMS AFFECTED

	All ?

PROBLEM

	\"Kernel     jeian\"     and      \"Executive      Officer\"      posted
	[http://www.exploitresearch.net] :
	

	Allaire forums use a  HIDDEN  tag  to  determine  the  name  and  e-mail
	address of the author. By saving  the  file  to  disk  and  editing  the
	HIDDEN fields before posting, it  is  possible  to  impersonate  another
	user.

SOLUTION

	The product is discontinued ??

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better). Site design & layout copyright © 1986-2009 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.