This writeup describes multiple vulnerabilities in easyCMS <= 0.4.2, including SQL injection and insecure cookie handling for authentication bypass. It provides JavaScript snippets to exploit these vulnerabilities by manipulating cookies.
Classification
Writeup 90%
Attack Type
Sqli | Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target:easyCMS <= 0.4.2
No auth needed
Prerequisites:Access to the target website · Browser with JavaScript execution capability