ArcadeBuilder Game Portal Manager usercookie Cookie SQL Injection

2007-07-01T00:00:00
ID OSVDB:36367
Type osvdb
Reporter xprog(), t0pP8uZz()
Modified 2007-07-01T00:00:00

Description

Manual Testing Notes

EXPLOIT: Using your prefered cookie editor make a cookie with the following; Name: usercookie Content: admin'/* Host: [target] Path: /

References:

Secunia Advisory ID:25916 Other Advisory URL: http://milw0rm.com/exploits/4133 ISS X-Force ID: 35198 CVE-2007-3521 Bugtraq ID: 24731