CMSLogik 1.2.1 (user param) User Enumeration Weakness

Title: CMSLogik 1.2.1 (user param) User Enumeration Weakness
Advisory ID: ZSL-2013-5137
Type: Local/Remote
Impact: Exposure of sensitive information
Risk: (1/5)
Release Date: 14.04.2013
Summary
CMSLogik is built on a solid and lightweight framework called CodeIgniter, with a design powered by Bootstrap. This combination allows for greater security, extensive flexibility, and ease of use. You can use CMSLogik for almost any niche that your project might fall into.
Description
The weakness is caused by the 'unique_username_ajax' script, which enumerates the list of valid usernames when some characters are supplied via the 'user' parameter.
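Added detection example (not part of the advisory or the vendor's code): it scans web-server access logs for a single source that submits many distinct 'user' values to the 'unique_username_ajax' script, the pattern a defender would see while this weakness is being abused. It assumes Apache combined-style log lines and that the parameter arrives in the query string of a GET request; the log lines themselves are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# Constructed sample access-log lines (Apache combined style, abbreviated), not real traffic.
# One client walks the 'user' parameter of unique_username_ajax; another makes a single check.
SAMPLE_LOG = """\
203.0.113.5 - - [14/Apr/2013:10:00:01 +0000] "GET /unique_username_ajax?user=a HTTP/1.1" 200 12
203.0.113.5 - - [14/Apr/2013:10:00:02 +0000] "GET /unique_username_ajax?user=ad HTTP/1.1" 200 12
203.0.113.5 - - [14/Apr/2013:10:00:02 +0000] "GET /unique_username_ajax?user=adm HTTP/1.1" 200 12
203.0.113.5 - - [14/Apr/2013:10:00:03 +0000] "GET /unique_username_ajax?user=adm HTTP/1.1" 200 12
203.0.113.5 - - [14/Apr/2013:10:00:03 +0000] "GET /unique_username_ajax?user=admi HTTP/1.1" 200 12
203.0.113.5 - - [14/Apr/2013:10:00:04 +0000] "GET /unique_username_ajax?user=admin HTTP/1.1" 200 12
203.0.113.5 - - [14/Apr/2013:10:00:04 +0000] "GET /unique_username_ajax?user=j HTTP/1.1" 200 12
203.0.113.5 - - [14/Apr/2013:10:00:05 +0000] "GET /index.php HTTP/1.1" 200 5120
198.51.100.7 - - [14/Apr/2013:10:00:06 +0000] "GET /unique_username_ajax?user=bob HTTP/1.1" 200 12
"""

# Assumed log format: client IP, identity, user, [timestamp], "METHOD target PROTO", status, size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

def probes_per_source(log_text, endpoint="unique_username_ajax", param="user"):
    """Map each source IP to the set of distinct values it sent in `param` to `endpoint`."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the assumed log format
        url = urlsplit(m["target"])
        if not url.path.endswith("/" + endpoint):
            continue
        values = parse_qs(url.query).get(param)
        if values:
            seen[m["ip"]].add(values[0])
    return seen

def enumeration_suspects(log_text, threshold=5):
    """Source IPs that sent at least `threshold` distinct 'user' values; repeats of one value count once."""
    return {ip: len(vals) for ip, vals in probes_per_source(log_text).items() if len(vals) >= threshold}

if __name__ == "__main__":
    print(enumeration_suspects(SAMPLE_LOG))  # {'203.0.113.5': 6}
```

The threshold is a starting point; tune it against how often a legitimate registration form calls the check, and pair the alert with rate limiting on the script itself.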
Vendor
ThemeLogik - http://www.themelogik.com/cmslogik
Affected Version
1.2.1 and 1.2.0
Tested On
Router Webserver
Vendor Status
[05.04.2013] Vulnerability discovered.
[05.04.2013] Contact with the vendor.
[05.04.2013] Vendor replies asking for more details.
[05.04.2013] Sent detailed information to the vendor.
[08.04.2013] Vendor confirms the issue and promises a patch.
[14.04.2013] Public security advisory released.
PoC
cmslogik_enum.py
Credits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>
References
[1] http://cxsecurity.com/issue/WLB-2013040104
[2] http://www.exploit-db.com/exploits/24959/
[3] http://packetstormsecurity.com/files/121304
[4] http://osvdb.org/show/osvdb/92321
[5] http://secunia.com/advisories/53037/
Changelog
[14.04.2013] - Initial release
[15.04.2013] - Added reference [1] and [2]
[16.04.2013] - Added reference [3] and [4]
[19.04.2013] - Added reference [5]
Contact
Zero Science Lab

Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk