Internet Photoshow (Special Edition) Insecure Cookie Handling Vuln

ID: 3017
CVE: None
Download vulnerable application: None
--==+	       Internet Photoshow (Special Edition) Insecure Cookie Handling         +==--

Discovered By: t0pP8uZz
Discovered On: 14 MAY 2008
Script Download:
DORK: "Internet Photoshow - Slideshow"

Vendor Has Not Been Notified!


Internet Photoshow SE, suffers from insecure cookie handling, This allows the remote attacker to gain
arbitrary access to the admin area by crafting a admin cookie.

the following javascript code will craft a admin cookie, and make it available to access /admin.php


javascript:document.cookie = "login_admin=true; path=/";


visit the affected domain and paste the above javascript into your browser, once excuted visit the
affected sites "/admin.php" and you will have access to admin.

its also possible to shell the site by uploading your shell through the file upload.

1-4-2 (www01)