===========================================================
============================================================
ExoPHPDesk is helpdesk written in PHP/SQL.
Default installation dont remote install.php
1- Remote users can re-install script: install.php
2- Change admin username and password: install.php?step=4
3- Access to admin system, edit Attachment Configurations:
admin.php?action=configuration
4- Upload .php scripts: index.php?fn=ticket&type=add
5- Go to [site]/[helpdesk]/[Attachment Dir]/[file].php
6- Execute command or php code :).
1-Remove install.php.
2-
<?
if(file_exists('install.php')) {
die('remove install.php o_O');
}
?>
http://www.soulblack.com.ar/repo/papers/advisory/exophpdesk_advisory.txt
Vulnerability reported by SoulBlack Security Research.
============================================================
Soulblack Security Research
http://www.soulblack.com.ar
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/