Navigation

Pligg Support

Is this a vulnerability?
Someone can access my site admin area using the following: http://cromastudio:ros8731@www.tusremediosnaturales.com/

The browser gives this response when I enter the above info: You are about to log in to the site "www.tusremediosnaturales.com" with the username "cromastudio", but the website does not require authentication. This may be an attempt to trick you. Is "www.tusremediosnaturales.com" the site you want to visit?

If I click yes, the persons enter the admin area.

Possible Answers

    This is similar trying to access another site:

    A visitor from ip-208.72.116.253.pdxhosting.net (208.72.116.253)

    arrived without a referring URL,

    and visited cromastudio:ros8731@remedioscaseros.co/user/Paolahernandez/

    | Posted 240 days ago | Permalink | Hide Replies

    I cannot reproduce this issue on your server using your provided example. I don't believe this is a Pligg CMS issue.

    | Posted 240 days ago | Permalink | Hide Replies

Who Upvoted this Story

Who Downvoted this Story