header-logo
Suggest Exploit
vendor:
Proxyroll.com Clone PHP Script
by:
DigitALL
8,8
CVSS
HIGH
Cookie Handling and Tamper Data
20
CWE
Product Name: Proxyroll.com Clone PHP Script
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: No
Related CWE: N/A
CPE: a:proxyroll.com:proxyroll.com_clone_php_script
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Firefox
2010

Proxyroll.com Clone PHP Script Cookie Handling And Tamper Data

This exploit allows an attacker to tamper with the data sent to the Proxyroll.com Clone PHP Script. By using the Tamper Data add-on for Firefox, an attacker can modify the value of the "a3" parameter and the "currency_code" parameter to manipulate the amount of money sent to the script.

Mitigation:

The script should be updated to validate the data sent to it and ensure that it is not being tampered with.
Source

Exploit-DB raw data:

# Exploit Title: Proxyroll.com Clone PHP Script Cookie Handling And Tamper Data

# Date: 02.01.2010

# Author: DigitALL

# Thanks: Zombie KroNicKq NoFear and All 1923Turk.biz Members

# Version: 1.0

# Code : This Site Go To /advertise.php and Paypal Buton Click and Firefox Tamper Data Open then

a3 = Value

currency_code = USD or STERLİN or LİRA

Your 1 $  ==== They 99 $  good jobs :)

Navigation

Suggest Exploit

Services By CQR