|
|
| Applications |
| Mailing Lists |
| Miscellaneous |
| Operating Systems |
| Programming |
XEForum Cookie Modification Privilege Escalation Vulnerability
From: <Firewall1954(at)hotmail.com>
Date: Wed Jun 27 2007 - 21:12:55 EDT
Found: Jun 26, 2007
XeForum contains a flaw that may allow a remote attacker to gain administrative privileges. Modifying contained cookie you can change of session and to even enter like administrator.
: Cookie: xeforum="Your Username" :
change to:
: Cookie: xeforum="Admin Username" :
Firewall
Firewall of Peru
Firewall@hotmail.com
Greetz to Swp-Scene And Revolutionz
http://4firewall.uni.cc
Received on Thu Jun 28 11:52:25 2007
Date: Wed Jun 27 2007 - 21:12:55 EDT
- XEForum Cookie Modification Privilege Escalation Vulnerability
Vulnerable product: XEForum
Vendor: http://www.xeforum.com/
Date:
Found: Jun 26, 2007
Vulnerability:
XeForum contains a flaw that may allow a remote attacker to gain administrative privileges. Modifying contained cookie you can change of session and to even enter like administrator.
Cookie:
: Cookie: xeforum="Your Username" :
change to:
: Cookie: xeforum="Admin Username" :
Credit:
Firewall
Firewall of Peru
Firewall@hotmail.com
Greetz to Swp-Scene And Revolutionz
http://4firewall.uni.cc
Received on Thu Jun 28 11:52:25 2007
This archive was generated by hypermail 2.1.8 : Thu Jun 28 2007 - 12:00:03 EDT
|
Contact Us Legal Notices Order Services Online Pantek Home Privacy Policy IT news Site Map Pantek Library |