Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 28/07/2009 Updated: 19/09/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

index.php in Desi Short URL Script 1.0 allows remote malicious users to bypass authentication by setting the logged cookie to 1 and the uid cookie to an integer value, as demonstrated by a value of 13.

Vulnerable Product	Search on Vulmon	Subscribe to Product
desiscripts desi short url script 1.0

Desi Short URL Insecure Cookie Handling Vulnerability Discovered By:N@bilX Home:ma-exploitcom /m4r0c-s3curitycc email:eyx@hotmailcom Not: jib L3az Wla Khaz [ma] -------------------- download:webscriptssoftpediacom/script/Miscellaneous/Desi-Short-Url-Script-42484html exploit: *** javascript:documentcookie = "logged =1"; javascript:doc ...

CWE-287 http://www.exploit-db.com/exploits/8925 https://nvd.nist.gov https://www.exploit-db.com/exploits/8925/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2009-2642

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect