PonVFTP – Insecure Cookie Authentication Bypass

• Exploit Database
• 118 阅读

• 作者： SkuLL-HackeR
  日期： 2010-05-17
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/33994/
• 1 2 3 4 5 6 7 8 9 10

  source: https://www.securityfocus.com/bid/40207/info   PonVFTP is prone to an authentication-bypass vulnerability because it fails to adequately verify user-supplied input used for cookie-based authentication.   Attackers can exploit this vulnerability to gain administrative access to the affected application, which may aid in further attacks.   The following example data is available:   javascript:document.cookie="username=admin";