Jevonweb Guestbook Remote Admin Access Exploit

2009-12-25T00:00:00
ID 1337DAY-ID-10388
Type zdt
Reporter Sora
Modified 2009-12-25T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ==============================================
Jevonweb Guestbook Remote Admin Access Exploit
==============================================

# Vendor: http://www.jevonweb.f2s.com/
# Version: 1.0
# Tested on: Windows and Linux
---------------------------------------
> Jevonweb Guestbook Remote Admin Access Exploit
> Author: Sora
> Contact: [email protected]
> Google Dork: "Jevonweb Guestbook" "http://www.jevonweb.f2s.com/" inurl:/cp/Scripts/PHP/Guestbook/config.php
 
Description:
Jevonweb Guestbook suffers a remote admin access exploit in setup.php.
 
Solution:
Add setup.php to the webhost's .htaccess file.
 
# Code: http://www.site.com/cp/Scripts/PHP/Guestbook/read.txt



#  0day.today [2018-04-12]  #