Vulnerabilities within Mura CMS / Sitecore MCS / SmarterMail

From: Mark Litchfield <mark@securatary.com>
To: webappsec@securityfocus.com,bugtraq@securityfocus.com,vuln-dev@securityfocus.com,pen-test@securityfocus.com
Cc:
Subject: Vulnerabilities within Mura CMS / Sitecore MCS / SmarterMail
Date:


These vulnerabilities allow for a complete take over giving full 
administrative access as well as remote shells on the servers that they 
are installed on.

Each of these suffer from Insecure Direct Object Reference Vulnerabilities.

Due to the details of the attack and screen shots, they can be found at 
http://www.securatary.com/vulnerabilities

All the best

Mark Litchfield





Copyright © 1995-2018 LinuxRocket.net. All rights reserved.