Bugtraq mailing list archives
Another vulnerability in hosting controller
From: Bao Dai Nhan <baodainhan () fptnet com>
Date: 19 May 2002 10:10:50 -0000
1/If admin doesn't change or delete user AdvWebadmin, the default password of this user is advcomm500349, you can creat your own account or use this account to hack the server. 1/ A foolish vulnerability, i can view the harddisk by using the file browse.asp in directory admin www.victim.com/admin/browse.asp?FilePath=c:\&Opt=2&level=0 BAODAINHAN baodainhan () fptnet com www.viethacker.net
Current thread:
- Another vulnerability in hosting controller Bao Dai Nhan (May 20)