CVE-2023-46501 - BoltWire v6.03 - Improper Access Control

Description

In version 6.03 of BoltWire CMS, it is possible to exploit an “Improper Access Control” vulnerability through the index.php?p=member.admin&action=data parameter, allowing an attacker to view any member's password, including the admin's, thus allowing the theft of information, arbitrary changes to data, or manipulation of the application for malicious purposes.

To Fix

Update to the latest version of BoltWire CMS.

Steps to Reproduce:

1) Create a new member. [screenshot: step 1]

2) Access the following URL: http://domain.com/folder/index.php?p=member.admin&action=data

Note: replace http://domain.com/folder/ with the address of the application to be tested.

3) As a result, you will be able to view the admin password. [screenshot: step 3]

4) To view other users' passwords, simply change the “admin” parameter in the URL provided above to another user's name, for example member.user.
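As an added defensive example (not part of this advisory or of BoltWire itself), the following Python script scans web-server access-log lines for requests to the p=member.<name>&action=data page described above and groups them by client, so that one client reading several members' data pages stands out. The log lines, host and folder path are constructed placeholders.

```python
"""Detect requests matching the CVE-2023-46501 access pattern in access logs.

Added example, not from the advisory. Assumes Apache/nginx combined log format;
the sample lines below are constructed and the /folder/ prefix is a placeholder.
"""
import re
from urllib.parse import urlsplit, parse_qs

# Combined log format: ip - user [time] "METHOD path HTTP/x" status bytes
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample log lines (placeholder addresses, not real traffic)
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /folder/index.php?p=member.admin&action=data HTTP/1.1" 200 1342
203.0.113.5 - - [10/Oct/2023:13:55:40 +0000] "GET /folder/index.php?p=member.user&action=data HTTP/1.1" 200 1290
198.51.100.7 - - [10/Oct/2023:13:56:01 +0000] "GET /folder/index.php?p=main HTTP/1.1" 200 5120
198.51.100.7 - - [10/Oct/2023:13:56:05 +0000] "GET /folder/index.php?p=member.admin HTTP/1.1" 200 4100
"""


def find_member_data_requests(log_text):
    """Return (ip, member, status) for each request with p=member.<name> and action=data."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        query = parse_qs(urlsplit(m.group("path")).query)
        page = query.get("p", [""])[0]
        action = query.get("action", [""])[0]
        if page.startswith("member.") and action == "data":
            hits.append((m.group("ip"), page[len("member."):], int(m.group("status"))))
    return hits


def summarize(hits):
    """Group member names by client IP; one IP reading several members is the signal."""
    by_ip = {}
    for ip, member, _status in hits:
        by_ip.setdefault(ip, set()).add(member)
    return by_ip


if __name__ == "__main__":
    for ip, members in summarize(find_member_data_requests(SAMPLE_LOG)).items():
        print(f"{ip}: member data pages read for {sorted(members)}")
```

Requests for p=member.<name> without action=data are not flagged, so ordinary profile views stay out of the report.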