vendor:
xeCMS
by:
t0pP8uZz
7.5
CVSS
HIGH
Insecure Cookie Handling
284
CWE
Product Name: xeCMS
Affected Version From: 1.0.0 RC2
Affected Version To: 1.0.0 RC2
Patch Exists: NO
Related CWE: N/A
CPE: a:xecms:xecms
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: None
2008
xeCMS <= 1.0.0 RC2 Insecure Cookie Handling Vulnerability
xeCMS suffers from a insecure cookie, the admin panel only checks if the cookie exists and not the content. So, an attacker can craft a cookie and look like a admin. After running the javascript, visit "/admin.php" to view admin area. An attacker can also upload a shell thru the admin area's upload feature.
Mitigation:
Ensure that the cookie is properly validated and authenticated before allowing access to the application.