Bug: mAlbum v0.3 admin by default user/pass ( Ascii Version )

Search:
WLB2

mAlbum v0.3 admin by default user/pass

Published
Credit
Risk
2007.02.22
sn0oPy
High
CWE
CVE
Local
Remote
CWE-264
CVE-2007-1045
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

* mAlbum v0.3
admin by default user/pass

* By : sn0oPy

* Risk : high

* exploit :

at http://www.target.ma/malbum/index.php (when private images)

Login : login
Password : pass

after login, you can creat new admin account, delete it,...

Dork :

inurl:"malbum/"

* Default user/pass present here : ...malbumphotosusers.php

<?php
$users = $admins = array();
$users['dqsfg'] = array('PASSWORD' => 'sdfg');
$admins['login'] = array(
'PASSWORD' => 'pass',
'DELETE_PHOTO',
'COMMENT_PHOTO',
'COMMENT_ALBUM',
'MANAGE_USER',
'MANAGE_ADMIN',
);
?>

* contact : sn0oPy (at) avenir-geopolitique (dot) net [email concealed]

* greetz : [subzero], http://forums.avenir-geopolitique.net.

* Reference : http://forums.avenir-geopolitique.net/viewtopic.php?t=2677

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version