CVE-2008-6743

RSMScript 1.21 - Unauthenticated Authentication Bypass via Cookie Manipulation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-6743. PoCs published by Osirys.

AI-analyzed exploit summary The exploit demonstrates an insecure cookie handling vulnerability and an XSS vulnerability in RSMScript 1.21. The cookie handling issue allows an attacker to bypass authentication by setting a specific cookie, while the XSS vulnerability can be exploited by injecting arbitrary JavaScript code into a file that is later displayed without proper sanitization.

Description

RSMScript 1.21 allows remote attackers to bypass authentication and gain administrative privileges by setting the verified cookie to an arbitrary value and performing a direct request to (1) delete.php, (2) edit-submit.php, (3) edit.php, (4) submit.php, and (5) update.php, which bypasses the security check that is performed by verify.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Osirys · textwebappsphp

https://www.exploit-db.com/exploits/7497

View Code ZIP pw:eip

The exploit demonstrates an insecure cookie handling vulnerability and an XSS vulnerability in RSMScript 1.21. The cookie handling issue allows an attacker to bypass authentication by setting a specific cookie, while the XSS vulnerability can be exploited by injecting arbitrary JavaScript code into a file that is later displayed without proper sanitization.

Classification

Working Poc 90%

Attack Type

Auth Bypass | Xss

Complexity

Trivial

Reliability

Reliable

Target: RSMScript 1.21

No auth needed

Prerequisites: Access to the target application · Ability to set cookies in the browser

MITRE ATT&CK