Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 07:58:04 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=2090661247&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Insecure%20Cookie%20Handling%20Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Ffiles%2Ftags%2Finsecure_cookie_handling%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.2090661247.1338191884.1338191884.1338191884.1%3B%2B__utmz%3D32867617.1338191884.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/108481/paddelbergts-bypass.txt http://packetstormsecurity.org/files/108481/paddelbergts-bypass.txt http://packetstormsecurity.org/files/108481/Paddelberg-Topsite-Script-Insecure-Cookie.html Mon, 09 Jan 2012 20:53:57 GMT Paddelberg Topsite Script version 1.2.3 suffers from an authentication bypass vulnerability due to insecure cookie handling. http://packetstormsecurity.org/files/105846/avarcadepro-insecure.txt http://packetstormsecurity.org/files/105846/avarcadepro-insecure.txt http://packetstormsecurity.org/files/105846/AV-Arcade-Pro-5.4.3-Cookie-Manipulation.html Sat, 15 Oct 2011 23:46:31 GMT AV Arcade Pro version 5.4.3 suffers from an insecure cookie vulnerability that allows for access bypass. http://packetstormsecurity.org/files/100876/phpdirector-insecure.txt http://packetstormsecurity.org/files/100876/phpdirector-insecure.txt http://packetstormsecurity.org/files/100876/PHPDirector-0.30-Insecure-Cookie-Handling.html Wed, 27 Apr 2011 17:11:11 GMT PHPDirector version 0.30 suffers from an insecure cookie handling vulnerability that allows for privilege escalation. http://packetstormsecurity.org/files/98729/BMSA-2011-01.txt http://packetstormsecurity.org/files/98729/BMSA-2011-01.txt http://packetstormsecurity.org/files/98729/web.go-Insecure-Cookie.html Fri, 25 Feb 2011 17:23:34 GMT web.go suffers from an insecure cookie vulnerability. Their cookie is modeled after Tornado which had the same issue reported on in 2010. http://packetstormsecurity.org/files/97016/babilcms-insecure.txt http://packetstormsecurity.org/files/97016/babilcms-insecure.txt http://packetstormsecurity.org/files/97016/Babil-CMS-Insecure-Cookie-Handling.html Sat, 25 Dec 2010 17:52:42 GMT Babil CMS suffers from an insecure cookie handling vulnerability. http://packetstormsecurity.org/files/94911/wikiwebhelp-insecure.txt http://packetstormsecurity.org/files/94911/wikiwebhelp-insecure.txt http://packetstormsecurity.org/files/94911/WikiWebHelp-0.3.3-Insecure-Cookie-Handling.html Sun, 17 Oct 2010 22:31:47 GMT WikiWebHelp version 0.3.3 suffers from an insecure cookie handling vulnerability. http://packetstormsecurity.org/files/94582/phphosting-insecure.txt http://packetstormsecurity.org/files/94582/phphosting-insecure.txt http://packetstormsecurity.org/files/94582/PHP-Hosting-Directory-2.0-Insecure-Cookie.html Mon, 11 Oct 2010 01:03:08 GMT PHP Hosting Directory version 2.0 suffers from an insecure cookie vulnerability that allows for administrative bypass. http://packetstormsecurity.org/files/94572/xweblog-insecure.txt http://packetstormsecurity.org/files/94572/xweblog-insecure.txt http://packetstormsecurity.org/files/94572/xWeblog-2.2-Insecure-Cookie-Handling.html Mon, 11 Oct 2010 00:50:01 GMT xWeblog version 2.2 suffers from an insecure cookie handling vulnerability. http://packetstormsecurity.org/files/94318/aleza-sql.txt http://packetstormsecurity.org/files/94318/aleza-sql.txt http://packetstormsecurity.org/files/94318/Aleza-Portal-1.6-Insecure-Cookie.html Wed, 29 Sep 2010 00:32:20 GMT Aleza Portal version 1.6 suffers from an insecure cookie handling vulnerability that allows for SQL injection. http://packetstormsecurity.org/files/92805/BMSA-2010-01.txt http://packetstormsecurity.org/files/92805/BMSA-2010-01.txt http://packetstormsecurity.org/files/92805/Tornado-1.0-Insecure-Cookie.html Tue, 17 Aug 2010 01:14:15 GMT Tornado version 1.0 suffers from an insecure cookie vulnerability. http://packetstormsecurity.org/files/92557/opencart-insecure.txt http://packetstormsecurity.org/files/92557/opencart-insecure.txt http://packetstormsecurity.org/files/92557/Open-Cart-0.6.5-Insecure-Cookie.html Sat, 07 Aug 2010 15:46:38 GMT Open Cart version 0.6.5 suffers from an insecure cookie handling vulnerability. http://packetstormsecurity.org/files/92238/avarcade-insecure.txt http://packetstormsecurity.org/files/92238/avarcade-insecure.txt http://packetstormsecurity.org/files/92238/AV-Arcade-3-Insecure-Cookie-SQL-Injection.html Wed, 28 Jul 2010 17:44:53 GMT AV Arcade version 3 suffers from insecure cookie and SQL injection vulnerabilities. http://packetstormsecurity.org/files/91919/mybook-insecure.txt http://packetstormsecurity.org/files/91919/mybook-insecure.txt http://packetstormsecurity.org/files/91919/My-Book-Insecure-Cookie-Handling.html Sat, 17 Jul 2010 02:15:44 GMT My Book suffers from an insecure cookie handling vulnerability. http://packetstormsecurity.org/files/90886/whemupload-insecure.txt http://packetstormsecurity.org/files/90886/whemupload-insecure.txt http://packetstormsecurity.org/files/90886/whem-UPLoad-7.0-Insecure-Cookie.html Wed, 23 Jun 2010 05:19:38 GMT [whem]-UPLoad version 7.0 suffers from an insecure cookie handling vulnerability. http://packetstormsecurity.org/files/88870/memorialwebsite-insecure.txt http://packetstormsecurity.org/files/88870/memorialwebsite-insecure.txt http://packetstormsecurity.org/files/88870/Memorial-Web-Site-Script-Password-Reset-Insecure-Cookie.html Sat, 24 Apr 2010 02:58:12 GMT Memorial Web Site Script suffers from password reset and insecure cookie handling vulnerabilities. http://packetstormsecurity.org/files/87940/velbox-insecure.txt http://packetstormsecurity.org/files/87940/velbox-insecure.txt http://packetstormsecurity.org/files/87940/velBox-1.2-Insecure-Cookie-Handling.html Thu, 01 Apr 2010 23:22:33 GMT velBox version 1.2 suffers from an insecure cookie handling vulnerability. http://packetstormsecurity.org/files/87800/denapars-shellinsecure.txt http://packetstormsecurity.org/files/87800/denapars-shellinsecure.txt http://packetstormsecurity.org/files/87800/Denapars-Shop-Script-Bypass-Insecure-Cookie-Shell-Upload.html Wed, 31 Mar 2010 01:15:12 GMT Denapars Shop Script suffers from administrative bypass, shell upload, and insecure cookie handling vulnerabilities. http://packetstormsecurity.org/files/87466/islamicvoice-insecure.txt http://packetstormsecurity.org/files/87466/islamicvoice-insecure.txt http://packetstormsecurity.org/files/87466/Islamic-Voice-Insecure-Cookie-Handling.html Sat, 20 Mar 2010 02:20:37 GMT Islamic Voice suffers from an insecure cookie handling vulnerability. http://packetstormsecurity.org/files/87314/cutenews-insecure.txt http://packetstormsecurity.org/files/87314/cutenews-insecure.txt http://packetstormsecurity.org/files/87314/CuteNews-1.4.6-Insecure-Cookie-Handling.html Tue, 16 Mar 2010 23:26:53 GMT CuteNews version 1.4.6 suffers from an insecure cookie handling vulnerability. http://packetstormsecurity.org/files/86671/newbiecms-insecure.txt http://packetstormsecurity.org/files/86671/newbiecms-insecure.txt http://packetstormsecurity.org/files/86671/Newbie-CMS-Insecure-Cookie-Handling.html Thu, 25 Feb 2010 05:06:13 GMT Newbie CMS suffers from an insecure cookie handling vulnerability. http://packetstormsecurity.org/files/86552/ac4p-uploadxssdisclose.txt http://packetstormsecurity.org/files/86552/ac4p-uploadxssdisclose.txt http://packetstormsecurity.org/files/86552/Ac4p.com-Gallery-1.0-Cross-Site-Scripting-Shell-Upload-Bypass-Disclosure.html Tue, 23 Feb 2010 07:00:24 GMT Ac4p.com Gallery version 1.0 suffers from cross site scripting, phpinfo disclosure, shell upload, and insecure cookie handling vulnerabilities. http://packetstormsecurity.org/files/86358/upload-insecure.txt http://packetstormsecurity.org/files/86358/upload-insecure.txt http://packetstormsecurity.org/files/86358/UPLoad-7.0-Insecure-Cookie-Handling.html Tue, 16 Feb 2010 21:56:36 GMT UPLoad version 7.0 suffers from an insecure cookie handling vulnerability. http://packetstormsecurity.org/files/86300/arabcart-insecure.txt http://packetstormsecurity.org/files/86300/arabcart-insecure.txt http://packetstormsecurity.org/files/86300/Arab-Cart-1.0.2.0-Insecure-Cooking-Handling.html Mon, 15 Feb 2010 22:13:39 GMT Arab Cart version 1.0.2.0 suffers from an insecure cookie handling vulnerability. http://packetstormsecurity.org/files/86124/adultbannerexchange-insecure.txt http://packetstormsecurity.org/files/86124/adultbannerexchange-insecure.txt http://packetstormsecurity.org/files/86124/AdultBannerExchange-Insecure-Cookie-Handling.html Wed, 10 Feb 2010 01:56:28 GMT AdultBannerExchange suffers from an insecure cookie handling vulnerability. http://packetstormsecurity.org/files/86123/apartmentsearch-insecuresql.txt http://packetstormsecurity.org/files/86123/apartmentsearch-insecuresql.txt http://packetstormsecurity.org/files/86123/ApartmentSearch-Insecure-Cookie-Handling-SQL-Injection.html Wed, 10 Feb 2010 01:55:23 GMT ApartmentSearch suffers from remote SQL injection and insecure cookie handling vulnerabilities.